Update:

I reinstalled qmail. This time netqmail-1.06. No change.
Reinstalled then vpopmail. Used 5.4.28. Still no change.
Right now, all messages for virtual users are rejected (except those
destined to domain.ro users, which remain in queue) with the message:

Remote host said: 553 5.7.1 sorry, that domain isn't in my list of allowed rcpthosts (chkuser)


From what i can see, the only abnormal behaviour shows in
/var/log/qmail/smtpd/current

@400000004aa3f5ac28da4274 tcpserver: status: 1/20
@400000004aa3f5ac28da4e2c tcpserver: pid 32069 from 193.201.21.10
@400000004aa3f5ac28da5214 tcpserver: ok 32069 mail.domain.com:ip:25
:remote_ip::56788
@400000004aa3f5ac2ef4ed6c CHKUSER accepted sender: from <my_email::>
remote <my_email_srv:unknown:serv_addr> rcpt <> : sender accepted
@400000004aa3f5ac2f4db3fc CHKUSER rejected relaying: from <my_email::>
remote <my_email_srv:unknown:serv_addr> rcpt <postmaster@mail...>
: client not allowed to relay
@400000004aa3f5ad2faa56d4 tcpserver: end 32069 status 0

Chkuser is ran twice for a single message.
And I have no idea why.

Anyone ran into this before or might have an idea what could be wrong?



Bogdan Motoc - CRC wrote:
> vdeldomain works
> i did a vdeldomain domain.eu and it disappeared from rcpthosts,
> virtualdomains and alias
>
> vaddaliasdomain domain.eu puts it back in the 3 files
>
>
> Tren Blackburn wrote:
>>
>> vdeldomain should do it.
>>
>>  
>>
>> *From:* Bogdan Motoc - CRC [mailto:bogdan.motoc@crcn...]
>> *Sent:* September-02-09 10:28 AM
>> *To:* vchkpw@inte...
>> *Subject:* Re: [vchkpw] Re: chkuser random rejects
>>
>>  
>>
>> mmm.... what is the command to delete an alias domain that was
>> created with vaddaliasdomain ?
>>
>>
>> Tonix (Antonio Nati) wrote:
>>
>> Considering the situation, can you delete these domains and add them
>> again using vpopmail commands?
>> After these operation, do problems remain?
>>
>> Tonino
>>
>> Bogdan Motoc - CRC ha scritto:
>>
>> root@machine:/home# cd /home
>> root@machine:/home# ls -l
>> total 8
>> drwx--x--x 2 myuser   users  4096 2008-01-24 18:52 myuser
>> drwxr-xr-x 9 vpopmail vchkpw 4096 2007-02-13 15:40 vpopmail
>> root@machine:/home# cd  vpopmail
>> root@machine:/home/vpopmail# ls -l
>> total 24
>> drwxr-xr-x 2 vpopmail vchkpw 4096 2007-02-12 17:00 bin
>> drwxr-xr-x 4 vpopmail vchkpw 4096 2007-02-12 17:00 doc
>> drwx------ 3 vpopmail vchkpw 4096 2007-02-13 17:23 domains
>> drwxr-xr-x 2 vpopmail vchkpw 4096 2009-09-02 18:40 etc
>> drwxr-xr-x 2 vpopmail vchkpw 4096 2007-02-12 17:00 include
>> drwxr-xr-x 2 vpopmail vchkpw 4096 2007-02-12 17:00 lib
>> root@machine:/home/vpopmail# cd domains
>> root@machine:/home/vpopmail/domains# ls -l
>> total 4
>> drwx------ 11 vpopmail vchkpw 4096 2009-06-25 18:17 domain.com
>> root@machine:/home/vpopmail/domains# cd domain.com
>> root@machine:/home/vpopmail/domains/domain.com# ls -l
>> total 44
>> drwx------ 3 vpopmail vchkpw 4096 2007-07-20 15:07 user1
>> drwx------ 3 vpopmail vchkpw 4096 2007-12-07 00:14 user2
>> drwx------ 3 vpopmail vchkpw 4096 2008-05-16 17:25 user3
>> drwx------ 3 vpopmail vchkpw 4096 2007-02-13 17:24 user4
>> drwx------ 3 vpopmail vchkpw 4096 2007-05-07 16:49 user5
>> drwx------ 3 vpopmail vchkpw 4096 2007-02-13 17:23 postmaster
>> drwx------ 3 vpopmail vchkpw 4096 2007-02-13 17:24 user6
>> drwx------ 3 vpopmail vchkpw 4096 2007-09-26 15:28 test
>> drwx------ 3 vpopmail vchkpw 4096 2007-10-21 11:45 user7
>> -rw-r--r-- 1 vpopmail vchkpw 1156 2009-03-11 13:45 vpasswd
>> -rw------- 1 vpopmail vchkpw 3402 2009-03-11 13:45 vpasswd.cdb
>> root@machine:/home/vpopmail/domains/domain.com# cd user1
>> root@machine:/home/vpopmail/domains/domain.com/user1# ls -l
>> total 8
>> drwx------ 11 vpopmail vchkpw 4096 2008-11-01 09:17 Maildir
>> -rw-------  1 vpopmail vchkpw    4 2008-11-01 09:17 lastauth
>> root@machine:/home/vpopmail/domains/domain.com/user1# cd Maildir
>> root@machine:/home/vpopmail/domains/domain.com/user1/Maildir# ls -l
>> total 52
>> drwx------ 2 vpopmail vchkpw 4096 2007-07-20 15:09 courierimaphieracl
>> drwx------ 2 vpopmail vchkpw 4096 2008-11-01 09:14 courierimapkeywords
>> -rw-r--r-- 1 vpopmail vchkpw   17 2008-11-01 09:17 courierimapsubscribed
>> -rw-r--r-- 1 vpopmail vchkpw  120 2008-11-01 09:14 courierimapuiddb
>> drwx------ 2 vpopmail vchkpw 4096 2008-10-02 08:08 cur
>> -rw-r--r-- 1 vpopmail vchkpw   46 2008-11-01 09:17 maildirsize
>> drwx------ 2 vpopmail vchkpw 4096 2008-07-18 10:44 new
>> -rw------- 1 vpopmail vchkpw   72 2007-07-20 15:10 sqwebmail-config
>> drwx------ 2 vpopmail vchkpw 4096 2007-07-20 15:16 sqwebmail-curcache
>> -rw------- 1 vpopmail vchkpw    1 2007-07-20 15:16
>> sqwebmail-curcache.nfshack
>> -rw------- 1 vpopmail vchkpw    0 2007-07-20 15:10 sqwebmail-mailinglists
>> -rw------- 1 vpopmail vchkpw    7 2007-07-20 15:09 sqwebmail-sentstamp
>> -rw------- 1 vpopmail vchkpw    0 2007-07-20 15:10 sqwebmail-sig
>> -rw------- 1 vpopmail vchkpw    1 2007-07-20 15:16 sqwebmail-timestamp
>> drwx------ 2 vpopmail vchkpw 4096 2008-11-01 09:17 tmp
>>
>>
>>
>> Tonix (Antonio Nati) wrote:
>>
>> Which are ownership and privileges of domain directories and mailboxes?
>> chkuser simply checks mysql or cdb, while qmail in delivery checks
>> also for directories.
>>
>> Tonino
>>  
>> Tren Blackburn ha scritto:
>>
>> Can you paste the output of the command:
>>
>>  
>>
>> /var/qmail/bin/qmail-showctl
>>
>>  
>>
>> Thanks :)
>>
>>  
>>
>> *From:* Bogdan Motoc - CRC [mailto:bogdan.motoc@crcn...]
>> *Sent:* September-02-09 8:26 AM
>> *To:* vchkpw@inte... <mailto:vchkpw@inte...>
>> *Subject:* Re: [vchkpw] Re: chkuser random rejects
>>
>>  
>>
>> No. Users on the internal network are able to relay their messages
>> because tcp.smtp has this line:
>> local_subnet:allow,RELAYCLIENT=""
>>
>> Just tested right now, even roaming users are able to relay messages
>> via smtp-auth.
>> (haven't tested if the pop-before-smtp function of vpopmail works, as
>> i just configured an imap account in my mail client. if you think
>> it's relevant to know, i'll do it)
>> Funny thing is, when sending to the postmaster account on that server
>> from my client configured to authenticate via smtp-auth via a valid
>> user and pass from that server, the message doesn't arrive anywhere.
>> Here's the log:
>> @400000004a9e8c3518c0efdc info msg 30983061: bytes 837 from
>> <test@doma...> <mailto:test@doma...> qp 3674 uid 89
>> @400000004a9e8c351937391c starting delivery 12: msg 30983061 to local
>> postmaster@doma... <mailto:postmaster@doma...>
>> @400000004a9e8c35193744d4 status: local 1/10 remote 0/20
>> @400000004a9e8c351959d864 delivery 12: failure:
>> Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/
>> @400000004a9e8c351959e41c status: local 0/10 remote 0/20
>> @400000004a9e8c3519b47b84 bounce msg 30983061 qp 3677
>> @400000004a9e8c3519b4873c end msg 30983061
>> @400000004a9e8c3519b71394 new msg 30983148
>> @400000004a9e8c3519b7177c info msg 30983148: bytes 1355 from <> qp
>> 3677 uid 1007
>> @400000004a9e8c351a367cc4 starting delivery 13: msg 30983148 to local
>> test@doma... <mailto:test@doma...>
>> @400000004a9e8c351a368494 status: local 1/10 remote 0/20
>> @400000004a9e8c351a581e24 delivery 13: failure:
>> Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/
>> @400000004a9e8c351a582dc4 status: local 0/10 remote 0/20
>> @400000004a9e8c351aa9ff14 bounce msg 30983148 qp 3680
>> @400000004a9e8c351aaa0acc end msg 30983148
>> @400000004a9e8c351aacba4c new msg 30983093
>> @400000004a9e8c351aacbe34 info msg 30983093: bytes 1789 from <#@[]>
>> qp 3680 uid 1007
>> @400000004a9e8c351b1d69f4 starting delivery 14: msg 30983093 to local
>> postmaster@doma... <mailto:postmaster@doma...>
>> @400000004a9e8c351b1d71c4 status: local 1/10 remote 0/20
>> @400000004a9e8c351b381614 delivery 14: failure:
>> Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/
>> @400000004a9e8c351b3825b4 status: local 0/10 remote 0/20
>> @400000004a9e8c351b38299c triple bounce: discarding bounce/30983093
>> @400000004a9e8c351b382d84 end msg 30983093
>>
>> Same thing happens when sending to every user on the server, not just
>> to postmaster.
>>
>>
>>
>>
>> Tren Blackburn wrote:
>>
>> Are you sending mail from an authorized host? Either explicitly via
>> tcp.smtp or via SMTP-Auth or POP-before-SMTP/IMAP-before-SMTP?
>>
>>  
>>
>> *From:* Bogdan Motoc - CRC [mailto:bogdan.motoc@crcn...]
>> *Sent:* September-02-09 7:54 AM
>> *To:* vchkpw@inte... <mailto:vchkpw@inte...>
>> *Subject:* Re: [vchkpw] Re: chkuser random rejects
>>
>>  
>>
>> The assign file has all the domains that have been added via
>> vaddaliasdomain
>> I only have one set of users and the other domains are aliases to
>> domain.com
>> Here's what that file looks like:
>> +domain.com-:domain.com:89:89:/home/vpopmail/domains/domain.com:-::
>> +domain.eu-:domain.com:89:89:/home/vpopmail/domains/domain.com:-::
>> .
>>
>>
>> Removing ",QMAILQUEUE="/var/qmail/bin/simscan"" from tcp.smtp and
>> doing qmailctl cdb gives this error when sending to a legitimate user:
>>
>>
>>
>> Remote host said: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 - chkuser)
>>  
>>
>>
>>
>>
>> Eric Shubert wrote:
>>
>> What's in your /var/qmail/users/assign file?
>>
>> Bogdan Motoc - CRC wrote:
>>
>>
>>
>> I'm really sorry about bothering you again about this problem, but
>> I'm really at wits' end here.
>> I have removed the mail.domain.tld from every file I could find.
>> Now mail is not received at all. At least now it's consistent, which
>> is good. No more flapping. (have to keep my sense of humor while
>> users can't receive any mail)
>> I think chkuser can be ruled out as the problem. Sending to
>> legitimateuser@doma... <mailto:legitimateuser@doma...> produces
>> a bounce with the error listed below (#5.1.1), while sending to
>> nonexistentuser@doma... <mailto:nonexistentuser@doma...> makes
>> chkuser kick in and reject the message as it should as soon as I type
>> rcpt to: baduser@doma... <mailto:baduser@doma...>
>> 511 sorry, no mailbox here by that name (#5.1.1 - chkuser)
>> So my conclusion is that qmail accepts the message but when it wants
>> to deliver it locally to the vpopmail user, something causes it to
>> bounce.
>>
>> Can you give me any advice on how to test the path traversed by the
>> message once it is accepted by qmail-smtpd ?
>>
>>
>>
>> Bogdan Motoc - CRC wrote:
>>
>>
>>
>> I seem to have broken things really bad. I tried to make
>> mail.domain.tld an alias of domain.tld
>> Now authentication only works from time to time.
>> The bounce says:
>>
>> <user@doma...> <mailto:user@doma...>:
>> Sorry, no mailbox here by that name. (#5.1.1)
>>
>> Of course, that account exists.
>>
>> Where are domain aliases stored? Can I manually delete a domain alias?
>> I'm using vpopmail 5.4.17 with users stored in a cdb file.
>>
>>
>> Bogdan
>>
>> Tonix (Antonio Nati) wrote:
>>
>>
>>
>> Bogdan Motoc - CRC ha scritto:
>>
>>
>>
>>
>>
>> Tonix (Antonio Nati) wrote:
>>
>>
>>
>> Bogdan Motoc - CRC ha scritto:
>>
>>
>>
>> This most probably is not a vpopmail problem, but a chkuser one.
>> The support page of chkuser
>> (http://www.interazioni.it/opensource/chkuser/support/mailing_lists.html)
>> points to this mailing list, so that's why I'm posting this here.
>>
>>
>> chkuser is simply using basic qmail checks, giving a better log. It
>> is giving back what qmail would give back.
>> Check carefully qmail configuration and files availability.
>>
>> nothing changed between the two events (rejecting a legitimate
>> message and allowing a similar one)
>> all files are world-readable, except the .lock files
>>
>>
>>
>>
>>     The mail server in question runs:
>>
>>     netqmail 1.05
>>     vpopmail 5.4.17
>>     chkuser 2.0.8b
>>     simscan 1.1
>>
>>
>> install chkuser 2.09, has more checks, new features and solves minor
>> bugs (not related to your question).
>>
>> hard to do on a production server. I've set this one up more than two
>> years ago, and I remember there was a rigid order in which patches
>> were supposed to be applied to qmail, and some of them had to be
>> manually added (thinking of simscan, smtp-auth, chkuser)
>>
>>
>> It should be easy. Copy new chkuser files over old files, check
>> chkuser_settings.h (some have changed) and recompile.
>>
>>
>>
>>
>> In the meantime, I've googled a bit and found an alternative. I'll
>> post a "what's your experience with ... ?" message later about it.
>>
>>
>>
>>
>>
>>
>>
>>
>> Messages sent to existing and not overquota users on this server
>> randomly (as far as I can tell) are rejected with this message:
>>
>> Remote host said: 553 sorry, that domain isn't in my list of allowed
>> rcpthosts (#5.5.3 - chkuser)
>>
>> I've checked and double checked that the user exists and there was no
>> typo when entering the destination email address.
>> Sending again after a while to the same user ends up with the message
>> into his mailbox without any issues.
>> The server's /var/log/qmail/smtpd/current log file shows this about
>> the rejected message:
>>
>> 2009-07-24 12:28:19.035629500 CHKUSER rejected relaying: from
>> <sender's_email_address::> remote
>> <remote_mail_server:unknown:remote_ip> rcpt
>> <valid_user@mail...> <mailto:valid_user@mail...> :
>> client not allowed to relay
>>
>> The mailboxes on this machine are all respecting this pattern:
>> user@doma... <mailto:user@doma...>
>>
>>
>> You say general pattern is user@doma... <mailto:user@doma...>,
>> while log says user@mail... <mailto:user@mail...>.
>> Are you sure 100% domain names do not include blank, DEL, strange not
>> visible chars? It could happen when spaces or strange invisible
>> characters are inside mail addresses.
>>
>> Yes, the recipient mail address I've typed correctly (I
>> double-checked it, having faced stupid users before who think that
>> spaces in email adresses can't hurt that much, can they?)
>> Basically, i replied to a user on that server and got the bounce back
>> imidiately.  Cursed at the binary gods for allowing  functions to
>> return different results when fed the same input, had to leave the
>> office, and when i got back replied again to the same message,
>> checked and it arrived in the users's mailbox. The log shows this:
>> 2009-07-24 18:09:48.389030500 CHKUSER accepted rcpt: from
>> <my_email_address::> remote <my_email_server:unknown:my_ip> rcpt
>> <user@doma...> <mailto:user@doma...> : found existing recipient
>>
>>
>> Check if any limit is reached. Like max open files or max MySQL
>> connections. It could happen in a peaik moment you reach some limits.
>> chkuser version you have does not handle mysql refused connections,
>> while 2.0.9 does.
>>
>>
>>
>>
>> What i don't understand is why vpopmail is sometimes being asked to
>> authenticate /user@doma.../ and sometimes /user@mail.../ ?
>>
>>
>> probably some users put the wrong username in Outlook... missing the
>> domain part, so automatically you have the "me" file added to
>> address... or?
>>
>> Ciao,
>>
>> Tonino
>>
>>
>>
>>
>> Of course, possible solutions to my problem are:
>> 1. getting rid of "mail." part completely
>> 2. making mail.domain.tld an alias of domain.tld, so both would work
>>
>> Thanks a lot for any ideeas you might have.
>>
>>
>>
>>
>>
>> Regards,
>>
>> Tonino
>>
>>
>>
>>
>> The /var/qmail/control/me file lists this: mail.domain.tld, which is
>> also the MX for domain.tld
>>
>> /var/qmail/control/rcpthosts lists both domain.tld and mail.domain.tld
>> /var/qmail/control/virtualdomains shows domain.tld
>> /var/qmail/control/locals shows only mail.domain.tld
>> /var/qmail/control/defaultdomain only shows domain.tld
>>
>> What could be wrong, but most of all, why is the error occurring only
>> rarely (but often enough to be annoying)?
>>
>>
>> Thanks in advance for any answers you might be able to provide.
>>
>>
>>
>> Bogdan Motoc
>>
>>
>>
>> --
>> ------------------------------------------------------------
>>         Inter@zioni            Interazioni di Antonio Nati    
>> http://www.interazioni.it      tonix@inte...
>> <mailto:tonix@inte...>          
>> ------------------------------------------------------------
>>  
>>
>>
>>
>> --
>> ------------------------------------------------------------
>>         Inter@zioni            Interazioni di Antonio Nati    
>> http://www.interazioni.it      tonix@inte...
>> <mailto:tonix@inte...>          
>> ------------------------------------------------------------
>>  
>>
>>
>>
>>
>>
>>
>>  
>>
>>  
>>
>>
>>
>>
>> --
>> ------------------------------------------------------------
>>         Inter@zioni            Interazioni di Antonio Nati
>>    http://www.interazioni.it      tonix@inte... <mailto:tonix@inte...>          
>> ------------------------------------------------------------
>>  
>>
>>
>>
>>
>> --
>> ------------------------------------------------------------
>>         Inter@zioni            Interazioni di Antonio Nati
>>    http://www.interazioni.it      tonix@inte... <mailto:tonix@inte...>          
>> ------------------------------------------------------------
>>  
>>
>  


!DSPAM:4aa3f77c32711866120255!