As I understand it, before you open a (potentially dangerous) attachment in another app, it would be saved to your Temp or Downloads folder, where Defender would still have access.
A carefully crafted email (or PDF attachment) that exploits vulnerabilities within Thunderbird's HTML or image rendering (or its PDF.js sandbox) might still pose a risk, but probably less so than any random web page that you open in Firefox, where JS (which should be disabled in Thunderbird by default) is the primary attack vector.
Also, note that there is a setting called "Allow antivirus clients to quarantine individual incoming messages". With this enabled, "Thunderbird first stores each incoming message in a temporary file in the system temp folder" (where Defender would have access). "If the new message file still exists after being scanned by the antivirus software, then it is moved to your Thunderbird Inbox folder file." [1] If this is implemented correctly, it should only impact performance when receiving new emails.
A carefully crafted email (or PDF attachment) that exploits vulnerabilities within Thunderbird's HTML or image rendering (or its PDF.js sandbox) might still pose a risk, but probably less so than any random web page that you open in Firefox, where JS (which should be disabled in Thunderbird by default) is the primary attack vector.
Also, note that there is a setting called "Allow antivirus clients to quarantine individual incoming messages". With this enabled, "Thunderbird first stores each incoming message in a temporary file in the system temp folder" (where Defender would have access). "If the new message file still exists after being scanned by the antivirus software, then it is moved to your Thunderbird Inbox folder file." [1] If this is implemented correctly, it should only impact performance when receiving new emails.
[1] https://support.mozilla.org/en-US/kb/privacy-panel-settings-...