When I'm surfing on my laptop, the mailbird app is checking mail in the background. I don't have to actively be using icloud services for 3rd party app to make those requests. just 2 cents.
I authenticated the Spark mail app but it used an individual app password and I'm pretty sure it doesn't generate login request notifications every time. I need to approve every time it connects. It only generated one request and once I authenticated it it stopped generating login requests. If it did generate requests every time, it wouldn't be able to connect because I always deny the random login requests I don't recognize.