Insecure default connection flags
ccpp opened this issue · comments
Christian Plattner commented
Can you explain why you do not per default validate the IMAP peer certificate in STARTTLS mode?
To me this looks like a bad practice solution to TLS connection "errors" (as they are often found as "accepted answers" on stack overflow or similar.)
Line 134 in 9a1b0eb
(this is upstream for kartolo/direct_mail#163)