TB freezing isn't great, but my research on this issue seems to point to it being an issue on yahoo's side of things, not TB's. But I don't know why that would be causing it to freeze/lock up. This might resolve itself, but I'm doing some more research.

I discovered that Thunderbird unfreezes if I check the Confirm Security Exception box.

Problem has mysteriously gone away. Must have been problem with AT&T. Fingers crossed. Much time wasted chasing this one. Thanks, evhenry.

Robert Cronin said

Problem has mysteriously gone away. Must have been problem with AT&T. Fingers crossed. Much time wasted chasing this one. Thanks, evhenry.

So which scammers web site did you authorize to pretend it is yahoo? Without first viewing the certificate to see what it was issued to, clicking confirm is a bit like dropping your bank card and pin on the way home and hoping no one uses it.

At a guess you have probably got away with the reckless pressing of confirm, simply because ATT has a contract with Yahoo and neither of them apparently have a clue about email or how to implement it. Let alone secure communication which is what those certificates are all about. But for all you know you just authorized the NSA to send your email for you, after reading of course, or some the ex wifes legal firm.

The process is a connection attempt is made to whatever server you were trying to contact. A certificate was returned from that server saying it belonged to a different company, and without knowing which you have authorized it. There is a view button. Use it. If you do not understand what it is telling you ask.

Matt, your post is not reassuring. I did look at all the information in the box, but it was gibberish. All I can tell is that the issue seemed to be communication between Thunderbird and AT&T smpt server. I could still send emails from AT&T's web mail. Operation appears normal now. If something bad has happened, how would I know? And how could it be corrected?

Robert Cronin said

Matt, your post is not reassuring.

It was not meant to reassure. Poor decision making is not something I tend to reassure folks over. Caution is the best approach when something out of the ordinary happens.

I did look at all the information in the box, but it was gibberish.

That is a certificate I created an exception for in 2011 It was for debug-pop3.live.com I was trying to connect to pop2.live.com. I formed the opinion that microsoft had made a mess of their certificates and allowed the exception. Something similar may have happened in your case, but you sure do not sound confident in your decision making.

I discovered that Thunderbird unfreezes if I check the Confirm Security Exception box.

Software developers are very reluctant to use application or system modal windows (The system or application freezes until you make a decision) They use them when the software can not function without a decision.

In this case communication over a port using encryption where the certificate used for the encryption looks like is was forged or in some other ways is "wrong". That certificate also contains the 2048 bit encryption key.

So by accepting a "questionable" certificate your in the position of securely communicating with "someone". You have secure encrypted communication, but with whom? And for how long?

All I can tell is that the issue seemed to be communication between Thunderbird and AT&T smpt server.

The information you posted says the server was a yahoo server, not an ATT one.

I could still send emails from AT&T's web mail.

I went to McDonalds and ordered a burger, they gave me fries. I went to Hungry jacks and they gave me the burger I asked for.

That is about equivalent to comparing your experiences with web mail, a web page on a web site, to using a mail client to get mail.

The similarities really end with the word email. the software, ports, communication protocols are all different. Even the way anti virus products treat the incoming email is different.

Operation appears normal now.

Of course it does, the machine asked you for a decision, and you made one. If it was the right decision, the machine does not know or care. The Human made a decision, it will abide by that.

If something bad has happened, how would I know? And how could it be corrected?

You would go to Options > advanced > Manage Certificates and in the servers tab of the certificate manager you would be able to review all decisions you have made about allowing exceptions.

Perhaps I am treating this too seriously. If you don't care. I should not.

Matt: Per your advice, I went to Manage Certificates Servers tab. There were 4 listed: smtp.att.yahoo.com, verified pop.att.yahoo.com not verified because expired (!) although listed as permanent Two unidentified servers represented by *. The certificate names were Digitar Notar Root CA and Digitar Notar PKIoverheid. For both of these Thunderbird "could not verify this certificate because it is not trusted"

What do you think?

I think you already posted an image saying the server was SMTP.att.yahoo.com.

The issue is what does the certificate actually say. I posted a copy of one, you will see your by double clicking on in. Does it say yahoo as well, or does is say the server is completely unknown that is the real issue.

The certificate says att.yahoo.com. Are the Digitar Notar certificates anything to worry about?

Robert Cronin said

Are the Digitar Notar certificates anything to worry about?

Nope, I have then as well. I think they are an indication of having has a profile for a long time so ancient stuff hangs around. See https://en.wikipedia.org/wiki/DigiNotar

Thank you Matt.