The issue its with EXIM mail server yet, for quick resolve from Roundcube side, you can empty SMTP user and password field so the email to be accepted then sent in acl_check_rcpt: without SMTP " control = submission " header which is apparently by standards modifies the existing headers in order to make it compliant and its expecting username format to be sent with %n flag i.e. local part only and adds qualify domain automatically, while its sent in %u format and the following hack works without any issues given the user is already authenticated via Roundcube login session but will raise issues to emails sent between local users, and in some instances they can bypass authentication and the second method resolves such issue.
In config/config.inc.php I set the following with empty strings and it should work.
$config['smtp_pass'] = '';
$config['smtp_user'] = '';
The preferred, its this second solution, that is to rearrange the order of acl_check_rcpt: tests in /usr/exim/configure file, by making sure the following is placed:-
# Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by
# testing for an empty sending host field.
accept hosts = :
control = dkim_disable_verify
control = dmarc_disable_verify
control = dmarc_enable_forensic
# Accept if the message arrived over an authenticated connection, from
# any host. Again, these messages are usually from MUAs, so recipient
# verification is omitted, and submission mode is set. And again, we do this
# check before any black list tests.
accept authenticated = *
control = dkim_disable_verify
control = dmarc_disable_verify
control = dmarc_enable_forensic
At least before the following in order to avoid control = submission enforcement:-
# Accept if the message comes from one of the hosts for which we are an
# outgoing relay. It is assumed that such hosts are most likely to be MUAs,
# so we set control=submission to make Exim treat the message as a
# submission. It will fix up various errors in the message, for example, the
# lack of a Date: header line. If you are actually relaying out out from
# MTAs, you may want to disable this. If you are handling both relaying from
# MTAs and submissions from MUAs you should probably split them into two
# lists, and handle them differently.
# Recipient verification is omitted here, because in many cases the clients
# are dumb MUAs that don't cope well with SMTP error responses. If you are
# actually relaying out from MTAs, you should probably add recipient
# verification here.
# Note that, by putting this test before any DNS black list checks, you will
# always accept from these hosts, even if they end up on a black list. The
# assumption is that they are your friends, and if they get onto a black
# list, it is a mistake.
accept hosts = +relay_from_hosts
control = submission
control = dkim_disable_verify
control = dmarc_disable_verify
control = dmarc_enable_forensic
I know this is a very old post, but I came across and if the answer was here, it would've saved me a whole day researching. I hope it to be useful to someone one day like today :0