I just found a chkuser bug, which I will try to fix if the author doesn't beat me to it :)
Bounce messages (i.e., from <>) are accepted for non-existant remote recipients. In our case, we have a rogue client who we used to perform secondary MX services for and stopped because 99% of the mail was spam that they were rejecting and leaving us to bounce. Unfortunately, no matter how many times we try, they refuse to remove the secondary MX record that lists us, so we get lots of messages sent to us that we reject because the domain is not in any of our control files. However, I noticed a couple of bounce messages for them in our queue today, and upon further investigation found that CHKUSER had allowed the null sender to relay despite the user being non-existant on the system. Even more interestingly, it seems to be a random occasional thing - I see other bounces (including one to the same user) getting rejected. The only difference I see is that they are coming from different hosts out of google, but that's all I can say. Here's the CHKUSER log messages for one accept and on reject for the same user: @40000000480f8d7f04132104 15437 CHKUSER relaying rcpt: from <::> remote <:fg-out-1718.google.com:22.214.171.124> rcpt <[EMAIL PROTECTED]> : client allowed to relay @40000000480f94c100eddc94 18912 CHKUSER rejected relaying: from <::> remote <:nf-out-0910.google.com:126.96.36.199> rcpt <[EMAIL PROTECTED]> : client not allowed to relay Any ideas? Josh -- Joshua Megerman SJGames MIB #5273 - OGRE AI Testing Division You can't win; You can't break even; You can't even quit the game. - Layman's translation of the Laws of Thermodynamics [EMAIL PROTECTED] !DSPAM:48149113120507223516693!