In terms of "classified" documents being found on it, so far, no one has said if any of them were ever "classified" at the time they were sent.
Yes, they have. Items sitting on the server in her house were from SAP material (above-top-secret stuff) that by its very definition is classified. We're talking about actual, current, operational intelligence - the sort of stuff that involves moles in foreign governments, satellite imagery from NRO systems, that sort of thing. The State Department has just said that there are over 20 emails just in this latest small batch that can't even be released in any sort of redacted form because the classified material in them is so sensitive. When she got the SoS gig, she signed the usual federal paperwork that says that if she becomes aware of classified material existing in channels that aren't appropriate (as in, government-controlled secure access systems) regardless of whether or not it is so "marked," that she is criminally liable for its mishandling if she doesn't immediately involve security personnel to secure it. She completely blew off that requirement.
She also didn't release any of them to the public, without them going through the proper channels
No, what she did was have her own personal staff (people without clearances!) go through 60,000-some emails and decide BEFORE ANYONE IN THE GOVERNMENT GOT A LOOK AT THEM which were or weren't "work related." Which means that even among the emails they eventually passed along, her non-cleared personal employees at her foundation were pawing through what we now know were SAP-level documents. Further, she took everything and burned it to some USB drives, and gave at least one to her NON-CLEARED lawyer, who then put it in his own personal safe. Crimes, again, at several points along the way.
In other words, all the steps have been followed.
No, they haven't. She explicitly went about conducting official government business, including the handling of Special Access Program material, on a non-secured private server in her home - all for her personal convenience and so that she could avoid FOIA requests looking at her government correspondence. So the very first step that should have been followed never was, right there. She never even had State set her up with a secure mail account in the first place. You understand that, right? She never even COULD have followed the rules because she chose to avoid even the very first step of following the rules. Then she failed the next requirement, which was to turn over ALL of her government-related records at the time she left office - again, something she chose not to do, and she had to get subpoenaed for the information and dragged the process out for years after she left office before delivering the information after she'd had her own staff handle it, destroying over half of it. That's another violation of the required process. The archivists at State are the ones who are supposed to decide what is, and isn't relevant from a record-keeping point of view. She deliberately prevented that step. She then stripped off all of the meta data and other header information from all of the emails she DID deliver, and provided them as context-less printouts, on 50,000 pieces of paper. And that's just her getting started on doing it all wrong.
Until someone comes out and says that document so and so was classified at the time it was sent and was known or should have been known to be classified by the person sending it and/or receiving it, nothing wrong has occurred that crosses into any type of criminal offence of state secrecy laws.
This has already been established. You're not paying attention. Inspectors General from multiple intelligence agencies have said that there was at-the-time classified material (including the holy grail, SAP-level material) running around on a non-secure computer in her house.