Sorry for the late answer. I found another thread where the problem is caused by a proxy.
As you wrote there seem to be no problems but I have to recheck.
It’s a special scenario to have IPS and mailserver on one machine. I am going to investigate and report as soon as I find a way to enable IPS without rspamd errors.