So courier was giving neverending ssl problem, and I replaced it with dovecot. It was quite easy.
First you need to install dovecot.
sudo apt-get install dovecot-common dovecot-imapd dovecot-pop3d
This will remove courier (whoo-hoo) and ebox-mail (still trying to fix that bit) and install dovecot. Then just copy the attached dovecot conf files to /etc/dovecot (backup the existing files if you like).
These are set up for imap(+ssl) and pop(+ssl) where the certificates are stored in /etc/dovecot/ssl.
You will need to sort these yourself, either self-signed or real. If real you need your crt file + all the chain/trusted root files concatenated into /etc/dovecot/ssl/dovecot.pem and the key file stored as /etc/dovecot/ssl/dovecot_key.pem
Make sure they're...
chown root:root /etc/dovecot/ssl/*
chmod 0400 /etc/dovecot/ssl/*
The mail login takes the info straight from the ldap where login user is the full email address and the password is as set by ebox. Cleartext passwords have been enabled (disabled by default) you can disable these again in dovecot.conf if these are undesired.
Dovecot accesses the mailboxes as the ebox user, with the ebox user uid and gid have been set in dovecot.conf. You will need to look these up in /etc/passwd and /etc/groups and update the id numbers in dovecot.conf at 'first_valid_uid' (line 338) and userdb static -> args (line 940). AFAIK the numbers can just be replaced by the word ebox, but this may slow the daemon down slightly, I went the safe route.
If your users use pop for their mailboxes, and leave messages on the server, they will probably get them downloaded again as duplicates. I was too lazy to figure out the pop3_uidl_format that the courier in ebox uses, I set it to the standard courier one, and still got duplicated emails, but the dupes aren't that big a problem, and most default settings in mail clients do not leave messages on the server anyway, so it's only relatively power users who will see the problem, and it's a once off problem.
Enjoy,
Andrew