ISPConfig makes it difficult to send an e-mail to be interpreted by the local server. All e-mail addresses are handled by the information in the database. In order to do this, you need to create an alias to an e-mail alias on localhost.

1. In ISPConfig, create a forwarder something@example.com, pointing to something@localhost
2. From the server CLI, open /etc/aliases and add an alias like:

   something "|/full/path/to/script parameter parameter"

3. Run

   newaliases ; service postfix reload

At this point, anything sent to something@localhost will be executed on the server by the command /full/path/to/script

ISPConfig3 has support for using Certbot with its web sites. However, it is more difficult to get the certbot to work with your mail/ftp/whatever, including the control panel. User ahrasis wrote a very nice article on this. Actually, he says it best, so I'll leave it up to him

https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate/