Error Message should Validate Username is in Domain for Authentication Error

[stellarpower]

Describe the bug

I am setting up and testing Maddy for the first time.

It appears I made a typo and missed off a character in our domain when testing via Thunderbird. This means that Thunderbird was trying to authenticate with a user whose email address' domain did no match the domain Maddy was configured to use.

From the docs, as far as I understand, all accounts must use and authenticate with a full email address, and I presume this ought to be an address under the domain Maddy is configured for. Therefore, an address under a different domain would be an error (please correct me if I am wrong). If this is the case, then I feel a different error message would be helpful - this is not so much an error in authenticating a user, as one of an invalid user. I think, if such addresses would be illegal, then testing the given username against the mailserver's domain and outputting a message specifically for this scenario could not only help in finding configuration mistakes, but also in identifying attempted attacks and the like - if someone were flooding the server with invalid addresses, we could filter those out easily.

Thanks!

Steps to reproduce

Set up as container for 0.7.0 as in instructions

maddy creds create [email protected]
maddy imap-acct create [email protected]

Accidentally send SMTP message using account [email protected], or some other typo. Or try to sync with IMAP.

Log files

imap: authentication failed	{"reason":"no auth. provider accepted creds, last err: unknown credentials","src_ip":"1.2.3.4:12345","username":"postmaster.example.or"}

Location

Configuration file

Basically the same as the defualt, all we have changed thus far is TLS certificate path and domain name.

Environment information

• maddy version: 0.7.0

[ljubomirb]

This bug is still here.