diff --git a/resume-setup.sh b/resume-setup.sh
new file mode 100755
index 0000000..9072291
--- /dev/null
+++ b/resume-setup.sh
@@ -0,0 +1,210 @@
+#!/bin/bash
+
+# Resume Email Server Setup - Certificate and Final Steps
+# Run this after DNS records are configured
+
+set -euo pipefail
+
+# Colors
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m'
+
+# Get configuration from existing files or prompt
+get_config() {
+ # Try to get hostname from existing Postfix config
+ if [[ -f "/etc/postfix/main.cf" ]]; then
+ HOSTNAME=$(grep "^myhostname" /etc/postfix/main.cf | cut -d= -f2 | tr -d ' ' || echo "")
+ DOMAIN=$(grep "^mydomain" /etc/postfix/main.cf | cut -d= -f2 | tr -d ' ' || echo "")
+ fi
+
+ # If not found, prompt user
+ if [[ -z "${HOSTNAME:-}" ]]; then
+ read -p "Enter your hostname (e.g., mail.terrible.dev): " HOSTNAME
+ fi
+
+ if [[ -z "${DOMAIN:-}" ]]; then
+ read -p "Enter your domain (e.g., terrible.dev): " DOMAIN
+ fi
+
+ if [[ -z "${ADMIN_EMAIL:-}" ]]; then
+ read -p "Enter admin email: " ADMIN_EMAIL
+ fi
+
+ echo "Using:"
+ echo " Hostname: $HOSTNAME"
+ echo " Domain: $DOMAIN"
+ echo " Admin Email: $ADMIN_EMAIL"
+ echo
+}
+
+info() {
+ echo -e "${BLUE}INFO: $1${NC}"
+}
+
+success() {
+ echo -e "${GREEN}SUCCESS: $1${NC}"
+}
+
+warning() {
+ echo -e "${YELLOW}WARNING: $1${NC}"
+}
+
+error() {
+ echo -e "${RED}ERROR: $1${NC}" >&2
+ exit 1
+}
+
+# Test DNS resolution
+test_dns() {
+ info "Testing DNS resolution for $HOSTNAME..."
+
+ if dig +short A "$HOSTNAME" | grep -q .; then
+ IP=$(dig +short A "$HOSTNAME" | head -1)
+ success "DNS resolution successful: $HOSTNAME -> $IP"
+ return 0
+ else
+ error "DNS resolution failed for $HOSTNAME. Please check your DNS records."
+ return 1
+ fi
+}
+
+# Get SSL certificates
+get_ssl_certificates() {
+ info "Obtaining Let's Encrypt certificates..."
+
+ # Stop services that might be using port 80
+ systemctl stop apache2 2>/dev/null || true
+ systemctl stop nginx 2>/dev/null || true
+
+ # Get certificate
+ if certbot certonly --standalone -d "$HOSTNAME" --email "$ADMIN_EMAIL" --agree-tos --non-interactive; then
+ success "SSL certificates obtained successfully"
+ else
+ error "Failed to obtain SSL certificate. Check DNS and firewall."
+ fi
+
+ # Set up auto-renewal
+ (crontab -l 2>/dev/null; echo "0 12 * * * /usr/bin/certbot renew --quiet") | crontab -
+
+ success "SSL auto-renewal configured"
+}
+
+# Update configurations with SSL certificates
+update_ssl_configs() {
+ info "Updating configurations with SSL certificates..."
+
+ # Update Dovecot SSL config
+ if [[ -f "/etc/dovecot/conf.d/10-ssl.conf" ]]; then
+ cat > /etc/dovecot/conf.d/10-ssl.conf << EOF
+ssl = required
+ssl_cert =