Comment by Spivak
This can still work: imap.mydomain.com resolving to your hardcoded private IP, put the cert on your IMAP server, connect by name, done.
How many people care about setting up secure connectivity to an internal server but are unable to either disable this behavior or configure their own internal DNS service?
My internal DNS names are served from my router and I'd imagine a lot of the people who would care about this in a home environment are running either open-source or business-class commercial devices that can do the same.
This won't work on many home routers that filter out private/local IP A/AAAA records from DNS responses to protect against DNS rebinding.