Hi @fas,
Thanks for checking in again on this issue. It probably is possible to fix this issue by implementing CRL. It would require a substantive investment in engineering time even to reproduce the issue and verify that providing CRL fixes. It would require significantly more engineering and ops time to design and build a CRL system for our end-entity certificates, and maintain it over the long term.
While I empathize with your issue, and would like to make Let’s Encrypt as broadly compatible as possible, I do have to balance costs and benefits. In this case, the cost of implementing CRL is very high, and the benefit-- supporting an older mail client with relatively low usage-- is not large enough to justify the cost. If we had evidence showing a large number of people reporting that Windows Live Mail support was a high priority, that balance might shift, but for now we can’t justify the work.
Is buying a certificate from another CA an option for you?