How to you connect "from another IP"? Mail client (which one) , testing with telnet, another mailserver?
How many "client errors" do you which to be allowed?

Have you changed any value for smtp_errors?
compare the actual settings with changed values
# postconf  |grep smtpd |grep error 
with
postconf -n |grep smtpd |grep error

Are your "other IP" banend in fail2ban? Check
# iptables -L f2b-postfix

So...., smtp is compulsory, i guess,  since it is a mail server..., but I mean what is producing the SMTP protocol to connect to your mail server?
1) a mail client (Thunderbird, OSX mail, Outlook, ...) with one of your mail users trying to send e-mail
2) a remote mail server trying  send e-mail to a local user
3) manual testing SMTP using "telnet  mail.server.ip 25"

Depending on the above, the approach to allow differs.
If it is 1), use SASL login on port 587 instead of port 25 without login.

If it is 3), the reasons for failing is that you send "ehlo" command to quickly. Wait a couple of seconds after connecting befor sending the ehlo command.

If it is 2), please provide logfiles that proves this.
a)First there is the Client connect name ( the name that the sending mailserver provides in the EHLO message),
b)then there is the Mail Envelope  MAIL_FROM, (which translates to mail header REPLY_TO)
c)and then the Mail Header FROM (what the mail client displays as FROM)
Which ones in combinations do you think the receiving mailserver rejects?
Please give examples

The a) check can bounce if the sending mail server doesnt provide a FQDN name matching the IP address
It can also bounce if the IP is listed in some black lists over known spammers
The b) check can bounce if the MAIL FROM address is not a valid mail address, non existing domain etc.
The c) check is normally not available, must be done in SpamAssassin rules.