Well, I think I found a 'fix'for this issue...
It seems that you have to add the self signed certificate of your SME Server _before_ you create an new email account WITH the exact portnumber for EACH service
Adding a security exception in TB for IMAPS looks then like:
https://yourserver.com:8993and the same applies (different port numbers) for other services port numbers. Including the caldav (8089) port if you use lightning.
Then you can start adding accounts and accept security exceptions within TB for your servers self signed certificate.
TB does not warn that it rejects Self Signed Certificates by default, but does not report as such. Hence adding the exceptions including portnumber. TB will then NOT reject SSC.
HTH
guest