Sender address rejected: not owned by user

I’ve recently migrated to a newer version of mailinabox and have come across an issue I’ve not seen before. I have numerous servers setup to send email to (and out) of the box using a relay_host setting and a very basic postfix install. They each use port 587 and authenticate with the admin user of the mailinabox instance.

This is useful as I only have to maintain one mail server (and most of that is handled by the awesome mailinabox anyway), the other mail servers are pretty dumb and alias local accounts to accounts on mailinabox. They’re also used for sending notification emails from software.

But since the upgrade these mails are failing with the error in the subject. I’ve traced this to the reject_authenticated_sender_login_mismatch setting but am loath to remove it because I don’t want to modify mailbox files.

Whats the suggested workaround for this? Do I just remove that setting? Is there a way of configuring the UI to accept these emails?


There’s some discussion here: Admin accounts should be permitted to send mail on behalf of other users

This is a pretty important setting to prevent your users (or a malicious actor with access to a user account) from spoofing each other. Can you just have your clients supply the correct auth for the account when sending?

Mmm. I guess the issue is that I’m aliasing system accounts to the emails but they get the system account as the email address e.g. I guess I could add them all to MiaB but thats seems like a lot of manual effort.

Add a single ‘robot@mydomain’ account and let all the automated tools use that?

I’ve added a domain alias for the server (i.e. with “Any mail user listed in the Fowards To box can send mail claiming to be from any address on the alias domain.” ticked but it’s not accepting.

Is this because the alias points at an alias itself? In this case ->

The help text suggest I should be able to send as a user from aliases.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.