Are you saying your personal device Thunderbird is installed on has been compromised and you are trying to lock down Thunderbird from your local device? Seriously Thunderbird exists on your device, so if it is vulnerable, your local device has already been compromised. Connections are by default encrypted to the highest level the provider supports, unfortunately for some that is none, but that is a provider limitation Thunderbird has to adhere to, it can not encrypt if the provider does not support it. Seriously I think the issue is more likely to be something like this https://www.bleepingcomputer.com/news/security/cox-discloses-data-breach-after-hacker-impersonates-support-agent/ have you changed your passwords since that cox hack? Or even this one from 2018 https://forums.cox.com/forum_home/internet_forum/f/internet-forum/19776/cox-email-hacked/73437 I think you probably need to look to cox as the weak link, not your mail client or your device. Although device security is never to be taken lightly and the 4 weekly security and stability releases for Thunderbird are designed to mitigate risk on that front.