Because you chose to use a program that doesn't accept self-signed certificates. Use a different program or a different computer that actually respects your freedom to tinker with it. Problem solved.
Self-signed certs were a defect — people were used to just click OK and blackhats exploited that.
OP wants support for the special case where only the cert issuer trusts the cert (he has his own self-signed cert). Apple and others do support that: You make a private CA, trust that CA in the device, and then use that CA to sign certs for your IMAP server. IIRC (and this is from vague memory) you may need to configure yourself to be a company that manages employees' devices.
Interesting. I use self-signed certs for development, but haven't tried to use them for an E-mail server. After an article or two on here, I'm convinced that trying to run your own server is a futile time-suck.
