Set
ssl_client_ca_file=/path/to/cacert.pem to validate the certificate
Can this be the Lets Encrypt cert that we already have? In other words we have:
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
Can those be used?
Are you using haproxy or something in front of dovecot?
No. Just Squirrelmail webmail with sendmail.