@elizabeth
STARTTLS is the most widely used port by #xmpp clients, as it allows selecting the right server domain (this predates TLS SNI by quite a while, and then there is inertia). Many xmpp servers don't even offer Direct TLS, and IIRC no client will directly probe it, if there is no explicit SRV record for Direct TLS.
@GossiTheDog