After spending much time and effort on the mailserver project I think I have finally created a secure and working basic setup. It's currently a little to late to do extensive testing but the brief tests carried out so far look good. A laptop with a self signed ssl certificate can securely connect to the mailserver over the local lan and retrieve the email in the imap store and securely send email out again. Trying to use the mail client on the mailserver itself correctly fails to retrieve the imap store or send email due to not having a self signed certificate to send.
If the rest of my tests work out in a similar manner and the services run stable for a week or so I might finally be able to declare the first stage of the project complete and finish off the documenting the process upto this point.