Comment 3 for bug 1374731

Although ... I forgot that Prayer uses the UW IMAP C client library to connect to the IMAP server. That library does verify the server name against the certificate subject name(s). Only the connections to prayer-accountd are insecure, which I guess is all you said to begin with. accountd is even less likely to run on a remote host, or at all, however.