Anyway, no matter what I did, I kept seeing the error open failed: administratively prohibited: open failed. Extensive Googling did not find a solution, except for one reference which finally turned out to be the correct solution for me. Most of my Googling talked about firewalls or incorrect host or IP addresses or etc.
But here's the tip that worked for me. As root, I edited the file sshd_config, located in /private/etc/ on my Panther Server machine (the one running my mail server). Note: sshd_config, not ssh_config. I added the following line:
AllowTcpForwarding yes
After restarting my server, following the directions in the above hint worked like a charm, and I was able to retrieve and send mail from my laptop via SSH Tunnels. I then installed and configured SSH Tunnel Manager on my laptop to open tunnels for ports 55143/143 (IMAP) and 5525/25 (SMTP) when I logged in, and now it's completely transparent! I no longer have to worry about anyone sniffing for my password when using an open network at a coffee shop or whatever.
For some reason, the AllowTcpForwarding option is not listed in Panther's sshd_config file. Furthermore, other references to this option indicated that yes is the default value. However, this appears not to be the case for OS X Panther Server. I hope this hint helps save someone the time and aggravation that I spent.

