AT&T knows nothing about how Avast! arranges to scan secure email-no reason they should. If you leave your email client set to SSL, Avast! won't scan it-no third party can; it is encrypted between your email client and the POP server and no one else can decrypt it.. As far as Avast! 4.8, it never scanned secure email unless you used a third party program called Stunnel and OpenSSL to handle the encryption/decryption.
With Avast! 5, which added the feature of secure email scanning,
For POP3, you need to select no secure connection, and port 110
For SMTP you should select no secure connection, and port 465 (or 587), depending on what works with AT&T. 587 is the port for Gmail, but 465 may work better with AT&T. If there is a problem, port 25 is also sometimes used-I don't use AT&T so don't know how their smtp servers are set up.
Avast! will then redirect the email to do the encryption/decryption itself, and scan the email to/from your server.