Let's push the button and see who talks to us.
Jul 18 10:25:05 NewFS imapd: Login user=test host=mc35536d0.tmodns.net [22.214.171.124]
And that's all. (That's the phone's IP address on T-Mobile, incidentally.)
Now let's look at the SMTP server and see if there's any evidence of a connection from the 68.171 address block -- which belongs to BlackBerry, and which is alleged tries to connect back.
Nothing. Is the 208.54 address there?
Jul 18 10:09:21 NewFS spamblock-sys: Starting SSL/TLS negotiation with peer [126.96.36.199]
Jul 18 10:24:53 NewFS spamblock-sys: Starting SSL/TLS negotiation with peer [188.8.131.52]
Why yes there is, as the phone does connect to validate that the connection works (and it tells you it's doing so.) The other line, incidentally, is because there's another email account there (my real one!)
The phone connected to the SMTP server ("spamblock-sys" is my custom spam filter, which knows how to perform SSL/TLS negotiation) and performs a STARTTLS negotiation exactly as I told it to do.
Incidentally, it also brings up the server's certificate and asks me if it's ok too.
But there is no connection back to either service from any other location related to this account setup. Not from BlackBerry, not from some other place, nowhere. Period.
For those who want a bit more background on the SMTP side the code in question, particularly the SMTP code, is mine. The SMTP server in question ("Spamblock-Sys") was written from the ground up by myself. I know every single line of that code and am not relying on anyone else's word as to what is and is not logged, since I wrote it.
The IMAP server in question is WU's with moderate modification.
I have no idea if the guy in Germany is lying or if he is on an account provisioned for BIS (the older BlackBerry handsets) and his mobile provider is intercepting the transaction and passing it to BIS, which is doing what he's talking about.