freebsdrocks.net was started originally as nospam.mine.nu.
Lets convert the Certbot certificate to qmail:
Now lets give proper ownership to the files:
# cd /usr/local/etc/letsencrypt/live/domain.com
# cat fullchain.pem > /var/qmail/control/servercert.pem
# cat privkey.pem >> /var/qmail/control/servercert.pem
The "nofiles" group is the group which "qmaild" belongs to. This combination of ownership and permissions allows qmail-smtpd to read the key, but not change or delete it.
# cd /var/qmail/control
# chown root:nofiles servercert.pem
The "qmail" group is the group with the "qmailr" user belongs to. This user should be able to read, but not write, the "clientcert.pem" file.
# chmod 640 servercert.pem
# cp servercert.pem clientcert.pem
# chown root:qmail clientcert.pem
# chmod a+r /var/qmail/control/servercert.pem
# chmod 640 clientcert.pem