What defines the default email sending domain?

I have two servers. Both are running Ubuntu 24.04.4 LTS and postfix 3.8.6 (installed by the package manager). The postfix configurations are identical, with the exception of server-specific host and domain names. My issue is that I'm seeing different mail sending behavior on the servers. Here's an example of the log entry when email is sent from a local account on the first server to an email address on another server:

2026-03-23T12:45:11.977293-04:00 myfirstdomain opendmarc[1295]: ignoring connection from localhost
2026-03-23T12:45:11.977685-04:00 myfirstdomain postfix/cleanup[3622]: EBFC46060488: message-id=<[email protected]>
2026-03-23T12:45:11.983517-04:00 myfirstdomain opendkim[1310]: EBFC46060488: DKIM-Signature field added (s=default, d=myfirstdomain.net)
2026-03-23T12:45:11.984578-04:00 myfirstdomain postfix/qmgr[3613]: EBFC46060488: from=<sah62@host>, size=360, nrcpt=1 (queue active)
2026-03-23T12:45:12.588366-04:00 myfirstdomain postfix/smtp[3624]: EBFC46060488: to=<[email protected]>, relay=relay.net[1.2.3.4]:25, delay=0.64, delays=0.04/0.03/0.35/0.22, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 78E7655E001)
2026-03-23T12:45:12.588610-04:00 myfirstdomain postfix/qmgr[3613]: EBFC46060488: removed

Note the "from" value: sah62@host. This isn't what I want to see. I want this value to be [email protected]. The value found in /etc/hostname for this server is "host".

Here's an example of a log entry when email is sent from a local account on the second server to an email address on another server:

2026-03-23T12:36:22.422074-04:00 localhost opendmarc[2112]: ignoring connection from localhost
2026-03-23T12:36:22.422796-04:00 localhost postfix/cleanup[321822]: 63975784001: message-id=<[email protected]>
2026-03-23T12:36:22.427178-04:00 localhost opendkim[86709]: 63975784001: DKIM-Signature field added (s=default, d=myseconddomain.net)
2026-03-23T12:36:22.428493-04:00 localhost postfix/qmgr[61248]: 63975784001: from=<[email protected]>, size=436, nrcpt=1 (queue active)
2026-03-23T12:36:22.972380-04:00 localhost postfix/smtp[321824]: 63975784001: to=<[email protected]>, relay=relay.net[1.2.3.4]:25, delay=0.58, delays=0.04/0.02/0.44/0.09, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as E8E7455E001)
2026-03-23T12:36:22.972612-04:00 localhost postfix/qmgr[61248]: 63975784001: removed

Note the "from" value: [email protected]. This is what I want to see. The value found in /etc/hostname for this server is "host2".

Why is the first server setting the "from" value to sah62@host while the second server sets the "from" value to [email protected]? Did I miss a configuration step somewhere?

Maybe related: the first server uses "myfirstname" for the value of the field after the timestamp. The second server uses "localhost".

If mail enters the system via SMTP, envelope from which you are seeing there, is set by submitting entity in the SMTP's MAIL FROM protocol command. For example, you can set up Thunderbird to use certain envelope from address. This address is distinct from the address in the message MIME header From:.

Whatever it is, it enters the system and processed by the cleanup daemon. It tries to canonicalize the address, and also optionally calls trivial-rewrite. Overall it tries to fix the addresses looking too bad, for example, it will add a proper domain name, taken from myorigin setting, if mail came from local system and has no proper envelope from address.

Important thing to note here is that, while it would fix "too badly looking" names, it won't fix others, and if your submitting entity forms good looking, but "fake" (not belonging to you) envelope from address, it won't fix that. If you want to truly control what email addresses your server could originate, you need to also:

1. Implement authentication for sending entities (e.g. SASL), so Postfix will always know the identity of a sending entity.
2. Force everybody and everything to authenticate. That means, mynetworks = 127.0.0.1, ::1.
3. Use smtpd_sender_login_maps to control which users can use which envelope from addresses.

Postfix will then reject any attempts to use addresses that doesn't belong to that entity. Coupled with proper configuration of cleanup and trivial-rewrite parameters, that guarantees that you know which addresses your server originates and who can use them.

The best way to enable authentication is to uncomment submission and/or submissions (smtps in older versions) services in master.cf and use smtpd_sasl_auth_enable=yes only for these services.

Postfix has exemplar quality documentation. Use it. Start with architecture overview (I linked it above already, but it is so important so I'll link it second time).