diff -uNr avelsieve/include/managesieve.lib.php avelsieve.new/include/managesieve.lib.php
--- avelsieve/include/managesieve.lib.php	2006-07-24 15:48:27.000000000 +0200
+++ avelsieve.new/include/managesieve.lib.php	2009-02-23 23:09:56.000000000 +0100
@@ -82,6 +82,12 @@
    * a comma seperated list of allowed auth types, in order of preference
    */
   var $auth_types;
+
+  /** 
+   * options
+   */
+  var $broken_tls;
+
   /**
    * type of authentication attempted
    */
@@ -311,6 +317,9 @@
     else
         $this->auth = $auth;
     $this->auth_types=$auth_types;	/* Allowed authentication types */
+    
+    $this->broken_tls = false;
+
     $this->fp=0;
     $this->line="";
     $this->retval="";
@@ -484,6 +493,10 @@
         } /* end if */
         elseif(is_string($this->modules))
             $this->capabilites[$this->cap_type][$this->module]=true;
+
+	// set broken_tls. Older cyrus servers do not respond with 
+	// capabilities after STARTTLS
+	$broken_tls = true;
     }
 
     if(sieve::status($this->line) == F_NO){		//here we should do some returning of error codes?
@@ -504,8 +517,13 @@
             return false;
         } else {
             $this->loggedin = true;
-            // RFC says that we need to ask for the capabilities again
-            $this->sieve_get_capability();
+            // RFC says that we get an unsolicited capability response after TLS negotiation. Older Cyrus
+            // did not do this. If the server has old/broken TLS we need to send a CAPABILITY command,
+            // otherwise we just parse the unsolicited capability response. 
+            if ( $this->broken_tls )
+                $this->sieve_get_capability();
+            else
+                $this->sieve_read_capability_response();
             $this->loggedin = false;
         }
     }
@@ -817,14 +835,11 @@
   }
 
   /**
-   * Return an array of available capabilities.
+   * Read incoming capability response.
    *
    * @return array
    */
-  function sieve_get_capability() {
-    if($this->loggedin==false)
-        return false;
-    fputs($this->fp, "CAPABILITY\r\n"); 
+  function sieve_read_capability_response() {
     $this->line=fgets($this->fp,1024);
 
     $tmp = array();
@@ -876,6 +891,18 @@
     return $this->capabilities['modules'];
   }
 
+  /**
+   * Return an array of available capabilities.
+   *
+   * @return array
+   */
+  function sieve_get_capability() {
+    if($this->loggedin==false)
+        return false;
+    fputs($this->fp, "CAPABILITY\r\n");
+
+	return $this->sieve_read_capability_response();
+  }
 }
 
 
diff -uNr avelsieve/table.php avelsieve.new/table.php
--- avelsieve/table.php	2006-07-24 15:48:28.000000000 +0200
+++ avelsieve.new/table.php	2009-02-23 23:10:08.000000000 +0100
@@ -162,10 +162,11 @@
 	    if (!$conservative) {
 		    $s->login();
 		    if(sizeof($rules) == 0) {
-				$s->delete('phpscript');
-			}  else {
-		        $newscript = makesieverule($rules);
-    		    $s->save($newscript, 'phpscript');
+			$s->setactive('');
+			$s->delete('phpscript');
+		    }  else {
+  		       $newscript = makesieverule($rules);
+    		       $s->save($newscript, 'phpscript');
 
             }
 	    	avelsieve_spam_highlight_update($rules);