Insecure default connection flags

[ccpp]

Can you explain why you do not per default validate the IMAP peer certificate in STARTTLS mode?
To me this looks like a bad practice solution to TLS connection "errors" (as they are often found as "accepted answers" on stack overflow or similar.)

Fetch/src/Fetch/Server.php

Line 134 in 9a1b0eb

$this->setFlag('novalidate-cert');

(this is upstream for TYPO3-directmail/direct_mail#163)