Issue setting up TLS

I'm currently running a Domino 9.0.1 FP9 on V7R3M0 and have been working
on a ticket with (first) IBM and now fully HCL on setting up TLS.
I have gotten past getting the certificate installed and have tested a
number of times setting up TLS via the config and messaging settings.
However, on every test we do from gmail or my personal bellsouth.net
account, we get back an error message "530 Authentication required" to
both external email accounts.
I have also tested on the www.checktls.com web site and all looks good,
until it gets to the FROM part and I see this in their reporting:
[000.431] TLS successfully started on this server
[000.431]~~>MAIL FROM:<test@xxxxxxxxxxxx>
[000.460]<~~ 530 Authentication required
[000.460] Cannot proof email address (reason: MAIL FROM rejected)
[000.460] Note: This does not affect the CheckTLS Confidence Factor

Anyhow, wondering if there is a setting we are missing, when I test these
are the settings I am changing:
Under Current Server Doc -->Ports-->Internet Ports-->Mail:
SSL Port Status = Disabled (on inbound/outbound is already disabled)
Authentication Options/Name & Password = No (on inbound/outbound is set at
N/A)

Under Messaging Settings-->Advanced-->Commands and Extensions:
SSL Negotiated over TCP/IP Port = Enabled

If anyone has any other ideas, I would be grateful :)
Thanks!

Carol Kornitsky Taylor
Purity Wholesale Grocers
800-323-7087
carol.taylor@xxxxxxxxxxx