Yes, I am pretty sure about that. I originally was connected via AT&T DSL but wanted the fast access of cable modem. I need permanent IPs which required me to contract with Comcast buisness. Once I switched over, I was no longer able to access my imap server, which was as I mentioned, stunnel listening on the imaps port and forwarding to dovecot listening on the imap port.
I was getting connection refused on my laptop (thunderbird) email client when I was not at home. I validated that it was not because it was reaching my email server. So who ever was rejecting it, I assumed it was somewhere inside the comcast network. Once I switch to a non-standard port, I was able to connect again.
Re needing to say ssl = yes, I thought that was implied for imaps?
I can go back to stunnel, just thought it was an unnecessary layer.
Thanks,
Patrick