Hi Tom, I admit I haven't read the entire thread. But... - Comcast's support page says to use imap.comcast.net on port 993 (https://www.xfinity.com/support/articles/email-client-programs-with-xfinity-...) - Viewing the certificate with "openssl s_client -connect imap.comcast.net:993" reveals the common name of the certificate is imap.email.comcast.net - "nslookup imap.comcast.net" and "nslookup imap.email.comcast.net" produce identical output, meaning they are the same destination So if you haven't already, I would suggest changing your IMAP settings to: *imap.email.comcast.net*, with TLS, on port *993*. Comcast *should* either serve a certificate valid for both domains, or update their support instructions to point to the new domain. But this kind of certificate mismanagement is common in big organizations. It's not the kind of thing I would associate with net neutrality... that would be more along the lines of peering agreements, bandwidth limits, and so on). I would assume your older devices are using unencrypted IMAP connections, meaning there is no chance of certificate failure. Obviously undesirable. Anyway, if the above settings work, let me know. -- Anthony J. Bentley