Thunderbird has a MITM vulnerability with its otherwise rather groovy auto-configuration feature.
The problem is that it makes requests via HTTP to retrieve the auto configuration information.
This allows a black hat (e.g. the NSA) to modify the results sent to the client, and the client has no way to verify the results have not been tampered with.
This could even allow the black hat to act as a proxy for quite some time and the client may never know.
This vulnerability is not something that can just be patched without breaking most auto-configuration.
I have what I think is a solution to the problem, but I think it needs further review - and it needs someone who actually has the right contacts in the software and hosting worlds to get it implemented.
That's not me, I don't really like most people and the feeling tends to be mutual. Anti-social issues aside, I do think this needs to be fixed.
https://librelamp.com/FooBird#security
has what I think would be the easiest solution while keeping the ability to auto-configure stuff.