Someone forgot his password and used the new feature of mystic to send a password inquiry. He sent the msg, but the sender is "Unknown", so the
sysop/me can't really know who send this msg.

Is this the proper use? Should i change something in the setting? I am sure that the user forgot or didn't know that he should put his userid in that msg... should mystic ask for a senders name when posting the msg?

.----- --- -- -
| Another Droid BBS
: Telnet : andr01d.zapto.org:9999 [UTC 11:00 - 20:00]
. Contact : xqtr@gmx.com

--- Mystic BBS v1.12 A41 2018/12/27 (Raspberry Pi/32)
* Origin: Another Droid BBS # andr01d.zapto.org:9999 (21:1/111)

Someone forgot his password and used the new feature of mystic to send a password inquiry. He sent the msg, but the sender is "Unknown", so the sysop/me can't really know who send this msg.

This is new as of maybe 1998 ;) Yes, its Unknown because the user hasn't logged in so Mystic doesn't know who it is. They have to tell you who they are and explain they need help getting their password reset.

Or you can enable to allow users to reset their passwords on their own using the e-mail address registered with their account.

Is this the proper use? Should i change something in the setting? I am sure that the user forgot or didn't know that he should put his userid
in that msg... should mystic ask for a senders name when posting the msg?

It shows them the message is from "Unknown", so its up to the user to supply their name. If it asks for their name then the user can just type in whatever they want anyway, in an attempt to phish the Sysop into giving out details or resetting a password for an account that isn't theirs.

--- Mystic BBS v1.12 A43 2019/02/08 (Linux/64)
* Origin: Sector 7 (21:1/108)