Webapp: Sender address rejected: not owned by user

I would like to run Zulip, a Slack replacement (on a different server than MIAB). That webapp needs to send email to users. So I got zulip@abc.com. Which works fine.

But then they have a second noreply and when I try to send trom that I get the eror:

smtplib.SMTPRecipientsRefused: {'=?utf-8?b?54Os44OI?= <receiving@xyz.com>': (553, b'5.7.1 <noreply@abc.com>: Sender address rejected: not owned by user zulip@abc.com')}

I looked around the forum and the web, and tried a few things. Played around with creating different users and aliases, but to no avail.

Zulips email documentation is here: Outgoing email — Zulip 5.6 documentation

And this is some info from the Zulip email config file:

## The noreply address to be used as the sender for certain generated
## emails.  Messages sent to this address could contain sensitive user
## data and should not be delivered anywhere.  The default is
## e.g. noreply-{token}@zulip.example.com (if EXTERNAL_HOST is
## zulip.example.com).  There are potential security issues if you set
## ADD_TOKENS_TO_NOREPLY_ADDRESS=False to remove the token; see
## https://zulip.readthedocs.io/en/latest/production/email.html for details.
## TOKENIZED_NOREPLY_EMAIL_ADDRESS = "noreply-{token}@abc.com"
## NOREPLY_EMAIL_ADDRESS is the sender for noreply emails that don't
## contain confirmation links (where the security problem fixed by
## ADD_TOKENS_TO_NOREPLY_ADDRESS does not exist), as well as for
## confirmation emails when ADD_TOKENS_TO_NOREPLY_ADDRESS=False.
NOREPLY_EMAIL_ADDRESS = "noreply@abc.com"

I turned tokens off for now, to deal with a different day :smile_cat: Well, I do not think MIAb could handle them?

PM me with a non-redacted version of this please. Redactions are making my brain explode today it seems.

Thank you for the offer to help. I have sent PM.

In the meanwhile, I manged to find a workaround by setting two email users (one zulip@abc.com and one noreply@abc.com) and they are each alias of each other and I manually allowed them to send as the other

Mail & Users


Permitted Senders

I’ll enter the mail users that can send mail claiming to be from the alias address.

Added both and did that for each user email.

It feels a bit hacky though … :sweat_smile: