Few comments:

- All certificates/keys are read with privileges of "spop3d" user. Make sure
  that they are readable for this user. Keys/certificates/paramfiles
  should be in PEM format and can't be protected with passwords.

- OpenSSL 0.9.5a was used for tests, I don't know whether Solid POP3 works
  with older versions.

- Client must run "STLS" command to establish TLS connection by default.
  It's described in RFC2595. I don't know clients which support this extension,
  but there are many clients which support "pop3s" service and you probably
  want to enable it. You can enable "pop3s" service through "TLSWrap" option.
  Remember that "pop3s" service should run on port 995. You should reconfigure
  your inetd/tcpserver if you want to use it. If you want to use standalone
  version of Solid POP3, you should change POP3_PORT constant in src/const.h
  (replace value 110 with 995).

- You should specify TLSDH512ParamFile, TLSDH1024ParamFile if you want to use
  EDH cipher suites. Remember that all DSS cipher suites (DSA certificates)
  are also EDH (or DH, but there is no support for DH cipher suites in OpenSSL
  as of now) suites.

- You can specify entropy source for Pseudo Random Number Generator
  with TLSRandSource option. You SHOULD do this if your system hasn't
  an internal entropy source (/dev/[u]random device)!!!
