The rocky way to security in email communication
The road to my personal e-mail server seems to be rocky...uw-imap config is just the start...
I started by trying to access the mailbox of a user whom I created for this very purpose on this Debian Linux system (hail to apt-get btw.). Considering that email is probably the most used internet service, everything seems to be based on rather antique mechanisms. For example, almost everybody uses POP3, which is a very inconvenient protocol (ever tried to keep the email database of two computers synced using POP?). So I decided to go with IMAP. Setting up IMAP isn't really problematic if uw-imap is your weapon of choice, but considering that I frequently use email over potentially unsecured and public networks (campus WLAN, coffee house WLAN etc.), I wanted to add more security using MD5 authentication and SSL.
Setting up MD5 is simple (just write the desired usernames/passwords separated by tabs and line breaks into /etc/cram-md5.pwd). Setting up SSL in theory is simple, too. In theory...
In the real world you need to have a certificate placed in /etc/ssl/certs/imapd.pem. Because this server is only for my personal use, I can set up my own CA to sign this certificate (I guess I can trust myself - at least most of the day ;-). This sounds easier than it is.
What do we need to do:
openssl genrsa -des3 -out privkey.pem 2048
- Generate a private RSA key (no passphrase is very convenient - but less secure of course). You should secure the private key via file permissions now.
openssl req -new -x509 -nodes -out imapd.pem -keyout imapd.pem -days 3650
- Create the key for the IMAP server (granted, 10 years is a lot of time; you can use less).
So much for the server part. Now you should install the imapd.pem in your mail client or the OS of your choice (for OS X Mail this is the way to do it - in Mozilla you just need to open a connection to https://mail.server:993 and install the cert).
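The openssl req command above writes the private key and the certificate into the same imapd.pem, and /etc/cram-md5.pwd holds the passwords as typed, so both files need owner-only permissions and only the certificate part belongs on a client. The shell functions below are an added example, not part of the original post: the function names are hypothetical, GNU stat (as on Debian) is assumed, and treating '#' lines in cram-md5.pwd as comments is an assumption.

```sh
#!/bin/sh
# Added example, not from the original post. Paths are arguments so the
# checks can be tried on copies before touching /etc.

# Succeed only if FILE has no group/other permission bits (e.g. 400, 600).
check_owner_only() {
    mode=$(stat -c '%a' "$1") || return 2    # GNU stat, as shipped on Debian
    case "$mode" in
        0|*00) return 0 ;;
        *) echo "$1: mode $mode is accessible to group/other" >&2; return 1 ;;
    esac
}

# Succeed only if every entry is user<TAB>password. Blank lines and lines
# starting with '#' are skipped (treating '#' as a comment is an assumption).
# Only line numbers are reported, never the passwords themselves.
check_cram_format() {
    awk -F '\t' '
        /^#/ || /^$/ { next }
        NF != 2 || $1 == "" || $2 == "" {
            printf "line %d: not user<TAB>password\n", NR; bad = 1
        }
        END { exit bad + 0 }
    ' "$1" >&2
}

# Write only the certificate block(s) of a combined PEM to DEST, so the file
# installed in mail clients does not carry the server's private key.
export_cert_only() {
    sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' "$1" > "$2"
    grep -q 'BEGIN CERTIFICATE' "$2" && ! grep -q 'PRIVATE KEY' "$2"
}

# Usage: audit_mail_secrets /etc/cram-md5.pwd /etc/ssl/certs/imapd.pem
audit_mail_secrets() {
    rc=0
    check_owner_only "$1" || rc=1
    check_cram_format "$1" || rc=1
    check_owner_only "$2" || rc=1
    return "$rc"
}
```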
So much for uw-imap - exim is next...this is going to be fun...
Thursday, 22. January 2004, 13:40, by mrtoto