diff --git a/src/applications/config/check/PhabricatorExtraConfigSetupCheck.php b/src/applications/config/check/PhabricatorExtraConfigSetupCheck.php
--- a/src/applications/config/check/PhabricatorExtraConfigSetupCheck.php
+++ b/src/applications/config/check/PhabricatorExtraConfigSetupCheck.php
@@ -385,6 +385,9 @@
 'Mail thread IDs are now generated automatically.'),
 'metamta.placeholder-to-recipient' => pht(
 'Placeholder recipients are now generated automatically.'),
+
+ 'metamta.mail-key' => pht(
+ 'Mail object address hash keys are now generated automatically.'),
 );
 return $ancient_config;
diff --git a/src/applications/config/option/PhabricatorSecurityConfigOptions.php b/src/applications/config/option/PhabricatorSecurityConfigOptions.php
--- a/src/applications/config/option/PhabricatorSecurityConfigOptions.php
+++ b/src/applications/config/option/PhabricatorSecurityConfigOptions.php
@@ -169,20 +169,6 @@
 'in a vague, mostly theoretical way. But it will take you like 3 '.
 'seconds of mashing on your keyboard to set it up so you might '.
 'as well.')),
- $this->newOption(
- 'phabricator.mail-key',
- 'string',
- '5ce3e7e8787f6e40dfae861da315a5cdf1018f12')
- ->setHidden(true)
- ->setSummary(
- pht('Hashed with other inputs to generate mail tokens.'))
- ->setDescription(
- pht(
- "This is hashed with other inputs to generate mail tokens. If ".
- "you want, you can change it to some other string which is ".
- "unique to your install. In particular, you will want to do ".
- "this if you accidentally send a bunch of mail somewhere you ".
- "shouldn't have, to invalidate all old reply-to addresses.")),
 $this->newOption(
 'uri.allowed-protocols',
 'set',
diff --git a/src/applications/metamta/receiver/PhabricatorObjectMailReceiver.php b/src/applications/metamta/receiver/PhabricatorObjectMailReceiver.php
--- a/src/applications/metamta/receiver/PhabricatorObjectMailReceiver.php
+++ b/src/applications/metamta/receiver/PhabricatorObjectMailReceiver.php
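Review bot: The key added to the ancient-config list in PhabricatorExtraConfigSetupCheck.php is `metamta.mail-key`, but the option this commit deletes from PhabricatorSecurityConfigOptions.php is `phabricator.mail-key`, so an install that still has the old key set would not get this message for it. Unless a `metamta.mail-key` option existed somewhere not shown here, the entry should read `'phabricator.mail-key' => pht(`. The enclosing array and function start outside the hunk.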
@@ -200,9 +200,9 @@
 }
 public static function computeMailHash($mail_key, $phid) {
- $global_mail_key = PhabricatorEnv::getEnvConfig('phabricator.mail-key');
-
- $hash = PhabricatorHash::weakDigest($mail_key.$global_mail_key.$phid);
+ $hash = PhabricatorHash::digestWithNamedKey(
+ $mail_key.$phid,
+ 'mail.object-address-key');
 return substr($hash, 0, 16);
 }
diff --git a/src/docs/user/configuration/configuring_inbound_email.diviner b/src/docs/user/configuration/configuring_inbound_email.diviner
--- a/src/docs/user/configuration/configuring_inbound_email.diviner
+++ b/src/docs/user/configuration/configuring_inbound_email.diviner
@@ -79,9 +79,6 @@
 project and need to interact with users whose email accounts you have no control over).
-If you leak a bunch of reply-to addresses by accident, you can change
-`phabricator.mail-key` in your configuration to invalidate all the old hashes.
-
 You can also set `metamta.public-replies`, which will change how Phabricator delivers email. Instead of sending each recipient a unique mail with a personal reply-to address, it will send a single email to everyone with a public reply-to
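Review bot: `computeMailHash()` in PhabricatorObjectMailReceiver.php no longer takes any operator-controlled input, and nothing on the page replaces the way `phabricator.mail-key` (and the paragraph deleted from configuring_inbound_email.diviner) let an administrator invalidate reply-to addresses after a leak. I would add a comment above the function such as `// Rotating the 'mail.object-address-key' named key invalidates every outstanding reply-to address.` and put an equivalent sentence back in the inbound-mail docs, including how that key is rotated. Because both the digest function and its input change, hashes in mail already delivered will presumably stop validating after deploy, which is worth stating in the commit message. Separately, `$mail_key.$phid` is joined without a delimiter and the result is truncated to 16 characters, so the comparison in the caller (outside this hunk) should be constant-time if it is not already.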