You can initiate SSL/TLS where by the only party presenting a certificate is the server to the client.
Do you think that all HTTPS clients present a certificate to the HTTPS server ? This is not how HTTPS usually works, only rare systems that are using client side SSL certificate for authentication use it. But your standard credit card transaction or login portal does not present any certificate to the server.
With STARTTLS sending you start unencrypted, enable TLS via STARTTLS command, then perform some kind of authentication inside the secure TLS channel (this can be plaintext authentication inside TLS). Now you proceed to use the SMTP have both setup a secure channel and authenticated.