Add log entries to the security log for "504 Auth type not supported"
Please consider adding message logging for Code 504 "Auth not supported."
To secure the mail environment there is already the security log where failed logins with code 535 are captured.
Currently we are able to parse this log with helper tools like fail2ban to act on the above-mentioned 553 failed logins and, for example, lock attackers out of the system.
But if TLS is enforced prior to authentication (for example via advanced routing), there is no 553 error message unless the attacker first secures the connection via TLS. Instead, if the attacker tries to send the credentials, he will receive error 504 "Auth type not supported".
In reality, most of the attacks we observe on our environment do not recognize 504 and just keep spamming the message port with connections, trying to log in immediately.
Since the server does not recognize 504 as a failed login attempt yet, nothing is captured in the security log.
If 504 errors were captured in the security log, we would be able to act on repeatedly occurring 504s from the same origin, as we do for 535.
This would allow locking out attackers and reduce the overall server load.
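To show what acting on both reply codes would look like, here is an added example that is not from the post and not code from the mail server product or from fail2ban. It parses constructed security-log lines and applies fail2ban-style per-source counting (the `findtime`/`maxretry` semantics) to 535 and 504 replies alike, and shows that counting only 535 misses the 504 source entirely. The log line layout, the timestamps and the addresses are assumptions made for the example; the post does not give the real log format.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample security-log lines. The real server's log format is not
# given in the post, so this layout (timestamp, source IP, SMTP reply code and
# reply text) is an assumption for the example. Addresses are documentation
# ranges, not real sources.
SAMPLE_LOG = """\
2024-05-01 10:00:01 [SMTP] 203.0.113.7 535 Authentication credentials invalid
2024-05-01 10:00:03 [SMTP] 203.0.113.7 535 Authentication credentials invalid
2024-05-01 10:00:05 [SMTP] 203.0.113.7 535 Authentication credentials invalid
2024-05-01 10:01:10 [SMTP] 198.51.100.23 504 Auth type not supported
2024-05-01 10:01:11 [SMTP] 198.51.100.23 504 Auth type not supported
2024-05-01 10:01:12 [SMTP] 198.51.100.23 504 Auth type not supported
2024-05-01 10:01:13 [SMTP] 198.51.100.23 504 Auth type not supported
2024-05-01 10:05:00 [SMTP] 192.0.2.44 504 Auth type not supported
2024-05-01 10:30:00 [SMTP] 203.0.113.7 535 Authentication credentials invalid
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \[SMTP\] "
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3}) (?P<code>\d{3}) (?P<text>.*)$"
)

# Reply codes treated as a failed login attempt: 535 is what the post says the
# security log already records, 504 is the one the post asks to have added.
FAILURE_CODES = frozenset({"535", "504"})


def parse_line(line):
    """Parse one assumed-format log line into a dict, or None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return {
        "ts": datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
        "ip": m["ip"],
        "code": m["code"],
        "text": m["text"],
    }


def find_offenders(log_text, codes_of_interest=FAILURE_CODES,
                   maxretry=3, findtime=timedelta(minutes=10)):
    """Return {ip: {code: count}} for every source that produced at least
    `maxretry` failures inside some sliding window of `findtime`.
    Mirrors fail2ban's findtime/maxretry idea, applied to the chosen codes."""
    stamps_by_ip = defaultdict(list)     # ip -> failure timestamps
    seen_codes = defaultdict(Counter)    # ip -> Counter of reply codes seen
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None or ev["code"] not in codes_of_interest:
            continue
        stamps_by_ip[ev["ip"]].append(ev["ts"])
        seen_codes[ev["ip"]][ev["code"]] += 1

    offenders = {}
    for ip, stamps in stamps_by_ip.items():
        stamps.sort()
        start = 0
        for end, ts in enumerate(stamps):
            # Slide the window start forward until it spans at most findtime.
            while ts - stamps[start] > findtime:
                start += 1
            if end - start + 1 >= maxretry:
                offenders[ip] = dict(seen_codes[ip])
                break
    return offenders


if __name__ == "__main__":
    print("counting 535 only (what the post says happens today):")
    for ip, seen in find_offenders(SAMPLE_LOG, codes_of_interest={"535"}).items():
        print(f"  ban {ip}: {seen}")
    print("counting 535 and 504 (what the post asks for):")
    for ip, seen in find_offenders(SAMPLE_LOG).items():
        print(f"  ban {ip}: {seen}")
```

With only 535 counted, the source that hammers the port without negotiating TLS (the 504 host) never reaches the threshold; once 504 is counted as well, it is flagged after the same number of attempts as a 535 source. The single 504 from a third address stays below `maxretry`, so a one-off client misconfiguration is not banned.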