diff --git a/src/applications/config/check/PhabricatorExtraConfigSetupCheck.php b/src/applications/config/check/PhabricatorExtraConfigSetupCheck.php
--- a/src/applications/config/check/PhabricatorExtraConfigSetupCheck.php
+++ b/src/applications/config/check/PhabricatorExtraConfigSetupCheck.php
@@ -391,6 +391,9 @@
 'phabricator.csrf-key' => pht(
 'CSRF HMAC keys are now managed automatically.'),
+
+ 'metamta.insecure-auth-with-reply-to' => pht(
+ 'Authenticating users based on "Reply-To" is no longer supported.'),
 );
 return $ancient_config;
diff --git a/src/applications/config/option/PhabricatorMetaMTAConfigOptions.php b/src/applications/config/option/PhabricatorMetaMTAConfigOptions.php
--- a/src/applications/config/option/PhabricatorMetaMTAConfigOptions.php
+++ b/src/applications/config/option/PhabricatorMetaMTAConfigOptions.php
@@ -245,14 +245,6 @@
 ))
 ->setSummary(pht('Show email preferences link in email.'))
 ->setDescription($email_preferences_description),
- $this->newOption('metamta.insecure-auth-with-reply-to', 'bool', false)
- ->setBoolOptions(
- array(
- pht('Allow Insecure Reply-To Auth'),
- pht('Disallow Reply-To Auth'),
- ))
- ->setSummary(pht('Trust "Reply-To" headers for authentication.'))
- ->setDescription($reply_to_description),
 $this->newOption('metamta.public-replies', 'bool', false)
 ->setBoolOptions(
 array(
diff --git a/src/applications/metamta/receiver/PhabricatorMailReceiver.php b/src/applications/metamta/receiver/PhabricatorMailReceiver.php
--- a/src/applications/metamta/receiver/PhabricatorMailReceiver.php
+++ b/src/applications/metamta/receiver/PhabricatorMailReceiver.php
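Review bot: The message added for `metamta.insecure-auth-with-reply-to` in PhabricatorExtraConfigSetupCheck.php says the option is gone but not what an administrator who had it enabled should expect instead. Judging by the block removed from PhabricatorMailReceiver.php, inbound mail appears to be matched on "From" and then falls through to the external-user path, so users who relied on "Reply-To" will stop being recognised. The text could say so, for example `'Authenticating users based on "Reply-To" is no longer supported. Inbound mail is matched to users by "From" address.'`. The `$ancient_config` array and the method that returns it begin outside this hunk.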
@@ -109,31 +109,6 @@
 $raw_from);
 }
- // If we missed on "From", try "Reply-To" if we're configured for it.
- $raw_reply_to = $mail->getHeader('Reply-To');
- if (strlen($raw_reply_to)) {
- $reply_to_key = 'metamta.insecure-auth-with-reply-to';
- $allow_reply_to = PhabricatorEnv::getEnvConfig($reply_to_key);
- if ($allow_reply_to) {
- $reply_to = self::getRawAddress($raw_reply_to);
-
- $user = PhabricatorUser::loadOneWithEmailAddress($reply_to);
- if ($user) {
- return $user;
- } else {
- $reasons[] = pht(
- 'Phabricator is configured to authenticate users using the '.
- '"Reply-To" header, but the reply address ("%s") on this '.
- 'message does not correspond to any known user account.',
- $raw_reply_to);
- }
- } else {
- $reasons[] = pht(
- '(Phabricator is not configured to authenticate users using the '.
- '"Reply-To" header, so it was ignored.)');
- }
- }
-
 // If we don't know who this user is, load or create an external user
 // account for them if we're configured for it.
 $email_key = 'phabricator.allow-email-users';