STARTTLS for SMTP is opportunistic unless specifically configured for
the point-to-point connection between sites. Therefore most SMTP
servers use a self-signed certificate by default and without validity
checking.
--------
Everything you have written is totally accurate, but self signed certificates for SMTP may be going away.
The latest version of Thunderbird requires a valid certificate on the SMTP server it uses.
(Sorry for the formatting, I can't send mail from my laptop until I fix the certificate issue (: )