LetsEncrypt
To operate, the mail server needs a set of (valid) server certificates, since it runs on SSL (TLS, actually).
./bm-config already allows you to generate self-signed certificates, or can use LetsEncrypt to generate valid certificates for you.
SSL certificates can be bought through an SSL-cert provider, generated by yourself (which results in non-valid, self-signed, but still usable certificates for local development), or obtained for free through LetsEncrypt.
openssl req -subj '/CN=<hostname>' -new -newkey rsa:2048 -sha256 -days 365 -nodes -x509 -keyout server.key -out server.crt
where <hostname> is the name of your host (e.g. bitmaelum.example.org).
Then, inside your server-config.yml, set the tls.certfile and tls.keyfile settings to your server.crt and server.key.
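Before pointing tls.certfile and tls.keyfile at the generated files, it is worth checking that they actually belong together. The script below is an added example, not part of bm-config or the BitMaelum project: it wraps the openssl command above and verifies the result. The function names, the 30-day expiry threshold and the owner-only permission check are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the BitMaelum project): create the self-signed pair
# with the page's openssl command, then sanity-check it before pointing
# tls.certfile / tls.keyfile at it.

# make_selfsigned <hostname> <dir>
make_selfsigned() {
    (
        umask 077   # -nodes writes the key unencrypted: keep it owner-only
        openssl req -subj "/CN=$1" -new -newkey rsa:2048 -sha256 -days 365 \
            -nodes -x509 -keyout "$2/server.key" -out "$2/server.crt" 2>/dev/null
    )
}

# check_pair <hostname> <certfile> <keyfile>; prints the first problem found.
check_pair() {
    # 1. The certificate must carry the public half of this private key.
    cert_pub=$(openssl x509 -in "$2" -noout -pubkey) || { echo "unreadable cert"; return 1; }
    key_pub=$(openssl pkey -in "$3" -pubout 2>/dev/null) || { echo "unreadable key"; return 1; }
    [ "$cert_pub" = "$key_pub" ] || { echo "key does not match certificate"; return 1; }

    # 2. The subject CN must be the hostname the server is reached under.
    subject=$(openssl x509 -in "$2" -noout -subject -nameopt RFC2253)
    case "$subject" in
        *"CN=$1") ;;
        *) echo "subject mismatch: $subject"; return 1 ;;
    esac

    # 3. Reject certificates that expire within 30 days (threshold assumed).
    openssl x509 -in "$2" -noout -checkend $((30 * 86400)) >/dev/null \
        || { echo "certificate expires within 30 days"; return 1; }

    # 4. Group/other must have no access to the private key.
    perms=$(ls -l "$3" | cut -c5-10)
    [ "$perms" = "------" ] || { echo "key permissions too open: $perms"; return 1; }

    echo "ok"
}

# Stand-alone use: sh check-cert.sh <hostname> <dir>
if [ "$#" -eq 2 ]; then
    make_selfsigned "$1" "$2" && check_pair "$1" "$2/server.crt" "$2/server.key"
fi
```

The same check_pair call works on any certificate and key pair, so it can be rerun whenever the files referenced in server-config.yml are replaced.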
LetsEncrypt allows you to generate a valid certificate for free, automatically. For this to work, port 80 must be open on your server: bitmaelum starts a temporary HTTP server to communicate with LetsEncrypt, and this cannot be on any other port.
./bm-config lets-encrypt
Or you can use the staging/test environment from LetsEncrypt for testing first:
./bm-config lets-encrypt --staging