As I wrote, the log seems to indicate problem on pure-ftpd server and isn't something that you as proxy server admin can fix.
OK, so the log is on the ROS device itself. Yes, if client uses ROS as proxy server and the resource requested is over FTP protocol, then logs will be in the proxy's log. With some diligent work you might be able to correlate the error message with a particular proxy client. However, if you don't know a good reason to run the proxy (i.e. you have some known LAN clients that absolutely need to use proxy for some good reason), then it's safest to disable it. Proxy service, if not properly protected, is a very good way for hackers to hide their real location... and a good way for your public IP address to get blocked by some mainstream service providers.
If you decide that you absolutely need to run web proxy service on ROS, do revise proxy settings.
proxy manual should help you. In particular:
/ip proxy src-address doesn't limit clients to set IP address (with subnet), it rather configures IP address to be used when/if proxy connects to upstream proxy server. To configure allowed connections, one should configure rules in
/ip proxy access, but keep in mind that logic follows logic of firewall, which has implicit allow rule if none of explicit rules match. Basic access control is probably easier to configure using firewall filter rules for input chain and dst-port=8080 (or whichever you use for proxy service).