==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.6.8 OPENLDAP
- Deployed with iRedMail Easy or the downloadable installer? Yes
- Linux/BSD distribution name and version:  Rocky Linux release 9.3 (Blue Onyx)
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  LDAP
- Web server (Apache or Nginx): nginx
- Manage mail accounts with iRedAdmin-Pro? Y (and an ldap client for adding shadowAccount)
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

<<< 554 5.7.1 <user@oneofmydomains.com>: Recipient address rejected: SMTP AUTH is required for users under this sender domain
554 5.0.0 Service unavailable
<<< 554 5.5.1 Error: no valid recipients

This error is intermittent, some days only one or two of my domains has this error, other days all of them fail with it, but it is from an IP address that is my external mail spam/virus/etc scanner that is in my trusted mydomains list.  I.e. in theory it should never need to smtp auth, but randomly it's rejecting mail from it with this error. 

What confuses me is that these are a daily digest email generated by my trusted external gateway and those are, as far as I can tell, the only mail being rejected, even though ALL mail comes through this server and all other mail is arriving.  Here's a quick mail flow path, it's pretty simple:

Cloud senders -> MX record SMTP server that is my gateway (gw) -> iredmail host.

outbound mail is the reverse.  flow.  This failure is very confusing in that I 100% trust this gw host, and 99% of the time so does iredmail admin service, but randomly it doesn't?

We have SPF, DKIM, Domain Keys all types of the right stuff setup on this host and it has been working for a long while as well.

(I just recently migrated from zimbra to iredmail because I'm tired of their badly performing system.  iredmail is way faster/lighter weight so far, so thanks for that!)

~Phil