TB38 already supports OAuth2 for Gmail.

It doesn't show up in the preferences, so how do I implement it?

Account Settings > Server Settings > Security Settings heading > Authentication method option. That's for incoming server. For outgoing server, it's Account Settings > {Account Name} > Default Identity heading > Edit SMTP Server button. I don't know if those navigation paths are the same for TB 38, and I honestly don't care to know. You'll just have to figure it out for yourself.

I am aware of the locations. There is indeed an OAuth2 setting for the SMTP server (I use Normal Password and am not changing until/unless I actually have to), but no such option for the incoming accounts. Neither pop nor imap accounts. Actual Authentication method options:

Normal Password (current) Encrypted Password Kerberos/GSSAPI NTLM TLS Certificate

The Connection Security options:

None STARTTLS SSL/TLS (current)

Does this mean that I will be able to SEND email but not receive it?

but no such option for the incoming accounts. Neither pop nor imap accounts. Actual Authentication method options: Normal Password (current) Encrypted Password Kerberos/GSSAPI NTLM TLS Certificate

I have no idea why that is the case. If you insist on sticking to Normal Password authentication, use an app password instead. See https://support.google.com/accounts/answer/185833?hl=en

Back to my original question, or a variant thereof: What is the oldest version of Thunderbird/linux that offers OAuth2 authentication for BOTH SMTP and 'normal' mail servers?

38 offers only SMTP.

I don't know. You could always find out for yourself. All releases are available here https://archive.mozilla.org/pub/thunderbird/releases/

The ones with a "b" are beta versions, avoid them.

I was hoping to avoid downloading and installing versions until I get lucky. If that's essential, that's my next step.

I was also hoping that an actual mozilla person might stumble across my message. Apparently not.

There is no "mozilla" person.

A second question: If I switch from password to OAuth2, will that make any changes to the way each gmail account works?

When I switched one of them to imap the structure of the account in Thunderbird changed, such that there are two inboxes; one 'normal' and one under gmail, as well as additional subfolders. I worry because I have extensive folder structures in two of my essential gmail accounts...

So there are no actual mozilla designers/programmers here? They apparently don't answer questions in the appropriate 'contact us' function either. JWZ must cast a long shadow.

I was hoping to avoid downloading and installing versions until I get lucky. If that's essential, that's my next step.

I doubt anyone can guarantee that when you install old version xx, the OAuth2 option will automagically appear for your account. TB 38 has OAuth2 support for both incoming and outgoing Gmail. It just so happens that in your case, for some reason, it's not showing when it should. Nothing else to do except try the next product release after 38, and that would be 45.x

A second question: If I switch from password to OAuth2, will that make any changes to the way each gmail account works?

No. It only affects how Tbird authenticates with the Gmail servers.

One thing I noted a long time ago: There are differences between the windows and linux versions. I really pissed off the developers because I kept asking about a certain function that was supposed to work but didn't. Ultimately one of them said "Oh. That only works in the windows version."

From then on my trust was gone.

I'll probably start with V45. Fortunately I have a "nuke" alias.

So there are no actual mozilla designers/programmers here? They apparently don't answer questions in the appropriate 'contact us' function either. JWZ must cast a long shadow.

They don't usually lurk in here, but on the rare occassion that they do, you can bet they would not be paying any attention to issues affecting antiquated TB versions while they have a lot to do for the current and upcoming releases.

One thing I noted a long time ago: There are differences between the windows and linux versions. I really pissed off the developers because I kept asking about a certain function that was supposed to work but didn't. Ultimately one of them said "Oh. That only works in the windows version." From then on my trust was gone.

Spamming the forum with the same question over and over won't win you any favours with the devs, site mods or contributors like myself. You'll only alienate yourself from the good folks over here. Trust me, even with a nuke alias, we can always read the mood and attitude in a post. It doesn't matter what alias the user shows up with. We can always smell it coming from a mile away. As a contributor of other online forums for over a decade, I can assure you we do note user tendencies and can always tell when someone will likely turn problematic.

Yes, there always are platform-specific differences.

I am a genuinely nice and even HELPFUL person. I do get a little peeved, however, when reality contradicts documentation. I was a QA person. We worry about that stuff. My current peeve is more toward google than mozilla, but it would be nice if knowledgeable people would not regard questions as a personal attack.

I was blown away by usenet in the 90s -- you could ask a question and get an answer from a total stranger half a world away within hours, sometimes minutes. People actually knew things.

I blame Facebook.

I can indeed confirm that OAuth2 is available for both incoming and outgoing server. I just fired up a VM and installed TB 38.8.0, the last release for the v38 product. I then added a Gmail account using Normal Password authentication and an app password. The attachments below should speak for themselves. This proves that something is broken on your end, and I don't know where you'd even begin to look. Other than removing and re-adding the account, the only other option is for you to move up the versions and hope it fixes it. Alternatively, you could leave everything as is and use an app password instead.

You are absolutely correct for IMAP accounts -- OAuth2 is indeed available for those.

The accounts I actually USE are POP accounts with extensive sub-folders. Unfortunately I don't want to share my email among my devices -- I want to use my computer to store everything I want to keep and use my other devices only for temporary while-in-occasional-use storage, to be deleted after I transfer what I want to keep to my computer. Perhaps I should have mentioned this earlier -- I only noticed the IMAP thing when I was looking at ALL my accounts, not just the two I actually use.

So my understanding is that everything will be OK with my IMAP accounts if I just switch to OAuth2 instead of password and that everything will be OK if I switch my POP accounts to IMAP and switch from password to OAuth2. This means that I will be able to continue to use Thunderbird 38 until they come up with some other nastiness, right?

OR I could theck Thunderbird's "Use a master password" box, which requires it to be entered at each session. Is that the same as an "app password"? Could I do this and leave my accounts as POP?

I won't be able to do any actual testing until google does the dirty deed, and then I think I will be able to boot into a complete linux system (backup from my working system) on a different partition. I say "I think" because trying to do this sometimes produces strangenesses...