Attach SSL context to SMTP notify and IMAP sensor

[balloob]

Breaking change

Proposed change

Default SSL contexts in Python standard lib for SMTP and IMAP are set to use an unverified context. This fixes it.

Thanks to @The-Compiler for his research and notifying us.

Background: python/cpython#91826

Type of change

• Dependency upgrade
• Bugfix (non-breaking change which fixes an issue)
• New integration (thank you!)
• New feature (which adds functionality to an existing integration)
• Breaking change (fix/feature causing existing functionality to break)
• Code quality improvements to existing code or addition of tests

Additional information

• This PR fixes or closes issue: fixes #
• This PR is related to issue:
• Link to documentation pull request:

Checklist

• The code change is tested and works locally.
• Local tests pass. Your PR cannot be merged unless tests pass
• There is no commented out code in this PR.
• I have followed the development checklist
• The code has been formatted using Black (black --fast homeassistant tests)
• Tests have been added to verify that the new code works.

If user exposed functionality or configuration variables are added/changed:

• Documentation added/updated for www.home-assistant.io

If the code communicates with devices, web services, or third-party tools:

• The manifest file has all fields filled out correctly.
  Updated and included derived files by running: python3 -m script.hassfest.
• New or updated dependencies have been added to requirements_all.txt.
  Updated by running python3 -m script.gen_requirements_all.
• For the updated dependencies - a link to the changelog, or at minimum a diff between library versions is added to the PR description.
• Untested files have been added to .coveragerc.

The integration reached or maintains the following Integration Quality Scale:

• No score or internal
• 🥈 Silver
• 🥇 Gold
• 🏆 Platinum

To help with the load of incoming pull requests:

• I have reviewed two other open pull requests in this repository.

[bdraco]

I think this is a good change, but this will be a breaking change for the reasons outlined in python/cpython#91826 (comment)

In my experience there are a vast number of smtp servers that support STARTTLS but don't actually present a valid certificate because since they don't support SNI. SMTP server SNI support has historically been far behind what browsers support, and since other SMTP server's historically have not enforced verification, the state of these its not so great.

I expect many users will need to turn the verification off to be able to send mail.

[balloob]

Pushed a commit that allows disabling the SSL verification. By default certification is enabled. Made an exception to update YAML configuration because it's security related.

[bdraco]

LGTM. Exception seems 100% justified to me given its security.