Neither is "less bad", nor better.

STARTTLS is basically SSL/TLS started earlier in the connection, hence the start bit in the name. The SSL/TLS identifier is a little misleading as Thunderbird disabled SSL years ago. This means both connections use TLS encryption unless you have made changed to enable SSL because you mail provider is still living in the 20th Century. Very few have.

Whatever port works is fine, the number used is set by the mail provider and while Thunderbird generally defaults to ones that work, occasionally it's default is not the port the provider has chosen to use. For example is is "generally accepted" that SMTP mail submission is on Port 587 if you intend to use TLS or 465 if the connection is to be unencrypted. But that is only generally. There is nothing intrinsically wrong with a connection on Port 465 accepting encryption or one on 587 not being encrypted as long as the mail server administrator is happy with that setup. If it works, it is good.

There are even still some mail providers accepting connections on Port 25 for mail submission. This is something that was supposed to be phased out about 20 years ago. But if that is the choice of the server administrator then the mail client just has to follow suit.

To Matt: Do I understand your reply to be saying that STARTTLS is better than SSL/TLS? When I read web articles I came away with the understanding that STARTTLS did NOT do encryption ... that it only started a discussion with the other party about what encryption to use. And that left the communication 'open' in the mean time.