Issue description   

Users may encounter a "Send As Denied" error when configuring the email server with an authentication address different from the sender address. This usually occurs when the account used for authentication doesn’t have the required Send As permission to send emails on behalf of the specified address.

Possible causes   

1. Missing Send As permissions: The authenticated user does not have the required Send As permissions for the sender's mailbox.

2. SMTP configuration errors: Incorrect or incomplete SMTP settings can cause authentication failures, leading to permission-related errors.

Prerequisites   

• Ensure you have administrative access to manage mailbox permissions for your email server.

• Depending on your mail server, access to command-line tools or an admin console may be required to modify permissions.

Resolution   

Step 1: Verify send as permissions   

1. Log in to the email server's admin portal (e.g., Microsoft 365 Admin Center, Google Admin Console, cPanel, or Postfix/Dovecot management tools).

2. Locate the sender’s mailbox and check its delegation or permission settings.

3. Ensure the intended sender has Send As permissions.

4. If missing, add the necessary permissions and save changes.

 Step 2: Configure Send As permissions   

1. If Send As permissions were missing, assign them using the appropriate method for your mail server:
   

• Microsoft Exchange (PowerShell command):
  

• Add-RecipientPermission -Identity "SenderMailbox" -Trustee "User" -AccessRights SendAs -Confirm:$false

• Postfix/Dovecot (Linux mail server):
  

• Modify the virtual_alias_maps or recipient_bcc_maps file to include delegated permissions.

• Google Workspace (Gmail SMTP eelay):

• Assign Send As permissions in Google Admin Console under the user's email settings.

• cPanel (Exim mail server):

• Navigate to Email Accounts, select the mailbox, and configure delegation settings.

Kindly allow some time for the changes to propagate, as this may take a few hours. 4. Verify SMTP Configuration   

Step 3: Check SMTP server settings 

1. Common mail servers:

• Microsoft 365: smtp.office365.com (Port: 587, Encryption: TLS)

• Gmail: smtp.gmail.com (Port: 587, Encryption: TLS)

• Yahoo: smtp.mail.yahoo.com (Port: 465, Encryption: SSL)

• Custom Mail Server: Verify settings in your server documentation.

 Tips 

• Grant send as permissions only when necessary and regularly audit and remove unnecessary access.

• Use secure authentication methods like OAuth 2.0 or application-specific passwords, ensuring TLS/SSL encryption for SMTP.

• Standardize email-sending policies and document configurations to maintain consistency.

• Enable logging for SMTP transactions to monitor unauthorized access attempts.

• Use dedicated service accounts for SMTP authentication instead of personal user accounts to minimize disruptions and security risks.

 How to reach support