APOP is increasingly unsupported by anything. Much of the problem is that it protects your password (at best), but not the actual content of your mail.
The better solution is to handle imap, pop, and smtp over ssl. Very many current mail clients, including Mail.app, support this. From the server side separate services can be run on ports dedicated to the ssl versions of these services, or it can be negotiated from a cleartext start with starttls.
I don't know whether .mac mail servers speak ssl, but my strong suspicion is not. Apple has consistency made choices about iTools/.mac which make it less secure, but easier and cheaper for them to implement. (Encryption is always computationally expensive, so providing all that mail over ssl would require more resources.) This may well have been a reasonable choice when this was a free service, but it seems inappropriate for the for-money version they're currently offering.
