I just got bit by this, too. I recently set up a Debian Postfix server and manually verified that the server was offering STARTTLS with the correct cert. It was working correctly, so I assumed TLS was working as expected out-of-the-box. A month later, a friend notified me that Gmail warned about my mail being sent unencrypted.

This asymmetry of defaults between incoming and outgoing mail is surprising and silently guides users towards insecure configurations.
