Does it let you download new messages, or send messages?

Yes, I can send and download messages ... everything as though I had put in the password.

Sorry, my apologies ... It doesn't allow me to send/receive messages, but I can view all the messages.

Well, strange as it may seem, Thunderbird is working as designed.

For your convenience, it stores passwords so you don't have to key them in every time you open Thunderbird. It allows these stored passwords to be protected by a Master Password, so only someone who knows the Master Password will be allowed to use or see the stored passwords.

It wasn't designed to protect the contents of your messages; the assumption was that you'd get this type of security via the Operating System's user accounts. So if you leave your computer unattended, you'd perhaps want everything to be locked down via a password-protected screensaver.

More here: http://kb.mozillazine.org/Protecting_the_contents_of_the_profile_-_mail

Personally I use the Startup Master add-on: https://addons.mozilla.org/en-GB/thunderbird/addon/startupmaster/

It prevents the situation you report; if a good password isn't entered, it simply closes Thunderbird without the user having sight of any of your email folders. It is weak protection, since a savvy user might know to start Thunderbird in Safe Mode thereby disabling this add-on, or he might know how to browse to your mail stores and read them in a regular text editor. But it's effective in stopping most people from opening your Thunderbird. But of no help if you have opened it up yourself and have left it unattended - again, a system password should be used to keep unauthorised people away.

Many thanks ... yes, this is very strange security indeed! I must say that the mechanism used by Outlook is infinitely better. After all, with Thunderbird's 'security' anyone who gets access to the computer can read the emails.

Effectively all this does really is to prevent the sending and receiving of messages ... which can be just as easily achieved by the OS user account security.

I will install your recommened add-on ... but I wonder if there is any possibility that this security loophole might one day be tightened up?