User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8.0.2) Gecko/20060405 SeaMonkey/1.0.1 Build Identifier: Thunderbird 1.5a (Macintosh; U; PPC Mac OS X Mach-O; en-US;) I am an online instructor and both the e-mail account and the newsgroups have slightly different security certificates. I am constantly approving the warning that says: "You have attempted to establish a connection with "MAEDADM.UOPHX.EDU". However, the security certificate presented belongs to "maedadmin.phoenix.edu". It is possible, though unlikely, that someone may be trying to intercept your communication with this web site." There should be a box to check to permanently approve or disapprove the security settings so that users don't have to continually approve them. Reproducible: Always Steps to Reproduce: 1. Create an account where the company has slightly different security certificates. 2. Check the mail for the account. 3. The warning box appears and forces you to approve or cancel it multiple times. Expected Results: Users should be able to check a box so that when they approve or disapprove the security certificate, the warning box will not appear again.

OK, guys. It's been about a month since I filed this bug and there has been no activity on a resolution. Please look at this bug.

Here's an initial very hacky attempt at a patch for this. Patch adds a button to the dialog box "OK (don't show me this again)", which sets a user pref called "mail.server."+actual_server_name+"."+certificate_name as true. Also, the dialog box will auto-exit if said pref exists. You still get the dialog box flickering up, and at least you don't have to click it again, but I can't figure out enough of the mozilla c++ to stop the box being created in the first place.

This still doesn't work in ver 2 beta 1 for OS X. In some cases there are dialogs with checkboxes to permanently accept an invalid/expired cert but they pop up every time anyway.

I am having this problem with Thunderbird 1.5.0.9 on Windows XP as well. In my case the domain name used for my e-mail (set up as IMAP using SSL on port 993) does not match the name of the company actually hosting the e-mail (mail.dreamhost.com) so the security certificate is questioned each time I start Thunderbird. There should be a way to permanently accept the difference in names between the e-mail domain and the host domain for the security certificate.

Until they fix this, you can add this capability with an extension. Go to:' http://releases.mozilla.org/pub/mozilla.org/extensions/remember_mismatched_domains/remember_mismatched_domains-1.3.3-fx+tb.xpi When you install this, once you approve it, you won't get the warning anymore. This needs to be a standard feature rather than having to look up a fix elsewhere.