In my experiments with Perdition, I learned a couple of very interesting facts. First, the IMAP4 implementation on Exchange Server 2003 does not support the STARTTLS command, as described in RFC 2595 and re-affirmed in RFC 3501. Instead, Exchange expects an SSL session to be established immediately, and then IMAP is spoken. This is similar to the “smtpd_tls_wrappermode” directive that Postfix supports.
Second, it appears that the Mac OS X Mail application (commonly referred to as Mail.app) also uses this IMAP-over-SSL approach, since I’ve been using Mail.app to connect to Exchange using IMAP with SSL for quite some time. I’m trying to confirm that now, but having precious little luck finding any definitive information one way or the other. If anyone knows for certain, please let me know. I’m going to keep searching.
This is one of those things that just makes me crazy.