Just back from a 12 hours downtime.
Sorry but I think you are all wrong (even the ones that know how SMTP
works) except Florian.
First, we are not talking of generic 5XX but of the specific 554.
Second, if you read my quote from the RFC 2821, that I repeat here:
The SMTP protocol allows a server to formally reject a transaction
while still allowing the initial connection as follows: a 554
response MAY be given in the initial connection opening message
instead of the 220. A server taking this approach MUST still wait
for the client to send a QUIT (see section 4.1.1.10) before closing
the connection and SHOULD respond to any intervening commands with
"503 bad sequence of commands". Since an attempt to make an SMTP
connection to such a system is probably in error, a server returning
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
a 554 response on connection opening SHOULD provide enough
information in the reply text to facilitate debugging of the sending
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
system.
and further down:
554 Transaction failed (Or, in the case of a connection-opening
response, "No SMTP service here")
^^^^^^^^^^^^^^^^^^^^^
Thus, as I said before, this is likely to be the result of some DNS
misconfiguration (or hiccup I add). A client would then be in the
right if it tried another MX.
In particular 554 at the connection opening (greetings) phase (that
is the issue of this thread) does NOT mean a generic "go away" but
"No SMTP service here". That's a hell of a difference.
554 at greetings does not seem the appropriate place for enforcing an
IP rejection policy.
(I think I repeated myself...)
Giuliano