At present, I have a paid-for SSL certificate for the mail server. This seems to work OK, but will expire quite soon.
In a reply to another query (which sorted that problem, thanks) ieiloart suggested that I might be able to "point the certificates in /etc/ssl to the certificates of a more suitable domain that has a letsencrypt certificate."
I'm guessing that this would involve adding a few soft links to SSL files, but it isn't clear to me which these should be.
As this is a production server, I'd rather not apply my untutored guesses to it. Can someone explain what I need to do, please?