Comment 26 for bug 24220

very cool, thx. Yes, I meant the simple sniffing case.

Re probing the server's abilities, I don't know if there's anything explicitly written about it, but easier account setup is a big priority - http://wiki.mozilla.org/Thunderbird:Easy_Account_Setup

If you look at mail.app, it tries to figure out if it should connect on the SSL port, or use TLS, or not, when you go through new account setup. We want to do something like that at least. And the automatic detection of secure auth capabilities and success using secure auth that you've added goes hand in hand with that.