Yes; Avast! sets up the SSL/TLS session with your server using OpenSSL before information is passed between your computer and the server. There is a discussion of that process (and some Wireshark runs) at http://forum.avast.com/index.php?topic=68441.0 . The difference is that the encrypted path to your computer runs from your server to Avast!, instead of from your server to Thunderbird. If you set up the SSL/TLS session within your client as usual, Avast! can’t scan it since it is encrypted at the point avast! would see it.