I kind of hate Thunderbird because it is in every way worse than beloved Apple Mail.app, except for one: it can do the Microsoft 365 IMAP Oauth2 dance, but Mail.app can't.
Mail.app's native Exchange functionality has broken for me before and caused me to lose mail so I will not trust it. I thought I had the right solution with an IMAP connection to O365 Exchange until they forced that to use Oauth2.
If you use this proxy of mine then any IMAP (or POP/SMTP) client can be used with a “modern” email provider, regardless of whether it supports OAuth 2.0 natively: https://github.com/simonrob/email-oauth2-proxy