It goes encrypted, but hardly anyone checks TLS certificates on SMTP connections. That means you're not safe against any ISP on the route who could simply proxy with a self signed cert...

Thats barely better than unencrypted.

Hardly anyone who? Email clients are supposed to check or they're internally bound (Gmail web client etc).

Yes I think you can bypass the checks but doesn't mean they aren't checked

Server to server connections.

Eg. Gmail.com sending email to cnn.com. That would be TLS encrypted, but the server certificate wouldn't be checked.