Thank you for clarifying this. Your notes make me feel much better about sending you my password, and I'm glad you thought about self-signed SSL certificates too.
I still would like a warning to show up before I allow connecting to the server if it presents a self-signed certificate. Even something like this could get the point across:
+------------------------------------------+
| ======= Inky security warning ===========|
+------------------------------------------+
| Nobody's verified the identity of the    |
| people who operate this mail server. Are |
| you sure you want to send your password  |
| to this unknown mail server?             |
|                                          |
| [Yes, send my password, and remember     |
|  this mail server's fingerprint in the   |
|  future]                                 |
|                                          |
| [No, do not continue]                    |
|                                          |
| [More details...]                        |
+------------------------------------------+
We'll certainly make it clearer. We've gone back and forth on this internally (design/simplicity vs security/clarity). I agree it should give you some kind of indication that it's not a CA-signed certificate. I'd also like to show EV certificates differently, though I'm not sure many providers offer them yet for mail servers.
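The decision behind the proposed dialog, sketched as an added example that is not part of this thread and is not Inky's code. The function names, the in-memory pin store, and the choice to block outright when a remembered fingerprint changes are assumptions made for illustration.

```python
import hashlib
import hmac
from enum import Enum


class Verdict(Enum):
    CA_VERIFIED = "connect"                # chain validated to a trusted CA
    PINNED_MATCH = "connect (pinned)"      # same certificate the user accepted before
    WARN_UNKNOWN = "warn before password"  # first sight of an unverified certificate
    BLOCK_CHANGED = "block: pin mismatch"  # unverified certificate differs from the pin


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 over the DER-encoded certificate, as hex."""
    return hashlib.sha256(der_cert).hexdigest()


def evaluate(host, port, der_cert, ca_verified, pins):
    """Decide what the client does before any credentials are sent.

    ca_verified is assumed to be the outcome of a normal handshake using
    ssl.create_default_context(); der_cert is what
    SSLSocket.getpeercert(binary_form=True) returns.
    """
    if ca_verified:
        return Verdict.CA_VERIFIED
    pinned = pins.get(f"{host}:{port}")
    if pinned is None:
        return Verdict.WARN_UNKNOWN  # show the dialog, send nothing yet
    if hmac.compare_digest(pinned, fingerprint(der_cert)):
        return Verdict.PINNED_MATCH
    # A changed certificate on a pinned server is the case the pin exists for.
    return Verdict.BLOCK_CHANGED


def accept(host, port, der_cert, pins):
    """User chose 'Yes ... remember this mail server's fingerprint'."""
    pins[f"{host}:{port}"] = fingerprint(der_cert)


if __name__ == "__main__":
    # Constructed byte strings standing in for two DER certificates.
    cert_a, cert_b = b"constructed-cert-A", b"constructed-cert-B"
    pins = {}
    print(evaluate("mail.example.test", 993, cert_a, False, pins).value)
    accept("mail.example.test", 993, cert_a, pins)
    print(evaluate("mail.example.test", 993, cert_a, False, pins).value)
    print(evaluate("mail.example.test", 993, cert_b, False, pins).value)
```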