I found out that this is a known bug, which can be worked around by an addon for Thunderbird 2.0 <https://addons.mozilla.org/en- US/thunderbird/addon/2131>. Its message led me to believe that it still had the vulnerability, just removing the annoyance. But looking in its preferences, it looks like it actually does store the entire domain- domain pairs. Allegedly Thunderbird 3 (alpha) has native support that fixes the problem, due to using Gecko 1.9 (Firefox 3's engine).
-- IMAP/certificate/security weakness/needing to restart Thunderbird https://bugs.launchpad.net/bugs/239360 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs