You may see a new warning message when accessing email; I have re-created the server SSL certificate. Now instead of being expired, assigned to the wrong address, and being issued by an untrusted authority (that is, me) it is merely signed by an untrusted authority.
In case you’re curious: SSL certificates must be signed by some sort of certification authority. Web browsers then check that signature and display a warning if they don’t see an authority they like. Most “real” certification authorities charge a lot of money in order to sign a certificate for a year (which is why I don’t get a real signature). Fortunately, it is possible to self-sign your own certificate, which is what we use here.
So your sign-on to the web-based email service is still encrypted, but the connection is not certified by an officially recognized authority.