suddenly 'User unknown'?

Charles Bradshaw charles.bradshaw at ntlworld.com
Wed Nov 28 10:21:23 EST 2018 

I have been running cyrus imap successfully for some years. Suddenly the
server is throwing 'User unknown' in the maillog.

I can login using using Thunderbird Mail OK, but NOTHING is being delivered to any user, pecifically to me brad at bradcan.homelinux.com

I am at a complete loss to understand what has gone wrong.

 How do I diagnose the problem?
 What in detail is mechanism that decides that a user is known/unknown?

I have included what I think are the relevant messages and parts of my
configuration files (sendmail.mc cyrus.conf) files (sorry about the length)

My tests while logged in to the server as brad:

[brad at dell2600-1 ~]$ hostname
dell2600-1.bradcan.homelinux.com

[brad at dell2600-1 ~]$ sendmail brad at bradcan.homelinux.com < email.txt             <<<<< THIS FAILS see below

As root maillog content following the above:

[root at dell2600-1 brad]# cat /var/log/maillog
Nov 27 15:18:35 dell2600-1 sendmail[4798]: wARFIZXZ004798: from=brad,
size=44, class=0, nrcpts=1,
msgid=<201811271518.wARFIZXZ004798 at bradcan.homelinux.com>,
relay=brad at localhost
Nov 27 15:18:35 dell2600-1 sendmail[4799]: NOQUEUE: connect from localhost.localdomain [127.0.0.1]
Nov 27 15:18:35 dell2600-1 sendmail[4799]: AUTH: available mech=CRAM-MD5 DIGEST-MD5, allowed mech=EXTERNAL DIGEST-MD5 CRAM-MD5
Nov 27 15:18:35 dell2600-1 sendmail[4799]: wARFIZvg004799: Milter: no active filter
Nov 27 15:18:35 dell2600-1 sendmail[4799]: STARTTLS=server, relay=localhost.localdomain [127.0.0.1], version=TLSv1/SSLv3, verify=NO, cipher=DHE RSA-AES256-GCM-SHA384, bits=256/256
Nov 27 15:18:35 dell2600-1 sendmail[4799]: STARTTLS=server, cert-subject=, cert-issuer=, verifymsg=ok
Nov 27 15:18:35 dell2600-1 sendmail[4798]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-GCM-SHA384, bits=256/256
Nov 27 15:18:35 dell2600-1 sendmail[4799]: AUTH: available mech=CRAM-MD5 DIGEST-MD5, allowed mech=EXTERNAL DIGEST-MD5 CRAM-MD5
Nov 27 15:18:35 dell2600-1 sendmail[4799]: ruleset=trust_auth, arg1=brad at bradcan.homelinux.com, relay=localhost.localdomain [127.0.0.1], reject=550 5.7.1 <brad at bradcan.homelinux.com>... not authenticated
Nov 27 15:18:35 dell2600-1 sendmail[4799]: wARFIZvh004799: from=<brad at bradcan.homelinux.com>, size=358, class=0, nrcpts=1, msgid=<201811271518.wARFIZXZ004798 at bradcan.homelinux.com>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1]
Nov 27 15:18:36 dell2600-1 sendmail[4798]: wARFIZXZ004798:
to=brad at bradcan.homelinux.com, ctladdr=brad (500/500), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=30044, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (wARFIZvh004799 Message accepted for delivery)

Nov 27 15:18:36 dell2600-1 sendmail[4801]: AUTH=client, relay=localhost, mech=, bits=0
Nov 27 15:18:36 dell2600-1 sendmail[4801]: wARFIZvh004799: to=<brad at bradcan.homelinux.com>, delay=00:00:01, xdelay=00:00:00, mailer=cyrusv2, pri=120358, relay=localhost, dsn=5.1.1, stat=User unknown
Nov 27 15:18:36 dell2600-1 sendmail[4801]: wARFIZvh004799: wARFIavg004801: DSN: User unknown

Nov 27 15:18:36 dell2600-1 sendmail[4801]: wARFIavg004801: to=<brad at bradcan.homelinux.com>, delay=00:00:00, xdelay=00:00:00, mailer=cyrusv2, pri=31677, relay=localhost [[UNIX: /var/lib/imap/socket/lmtp]], dsn=5.1.1, stat=User unknown

 ~ o ~

What cyradmin says:

localhost.localdomain> ver                                                                           
name       : Cyrus IMAPD
version    : v2.4.17-Invoca-RPM-2.4.17-7.el6 d1df8aff 2012-12-01
vendor     : Project Cyrus
support-url: http://www.cyrusimap.org
os         : Linux
os-version : 2.6.32-754.6.3.el6.i686
environment: Built w/Cyrus SASL 2.1.23
             Running w/Cyrus SASL 2.1.23
             Built w/OpenSSL 1.0.1e-fips 11 Feb 2013
             Running w/OpenSSL 1.0.1e-fips 11 Feb 2013
             Built w/zlib 1.2.3
             Running w/zlib 1.2.3
             CMU Sieve 2.4
             mmap = shared
             lock = fcntl
             nonblock = fcntl
             idle = idled

localhost.localdomain> info user/brad at bradcan.homelinux.com                                          
{user/brad at bradcan.homelinux.com}:
  duplicatedeliver: false
  lastpop: 24-Oct-2013 21:04:43 +0100
  lastupdate: 27-Nov-2018 04:00:00 +0000
  partition: default
  pop3newuidl: true
  sharedseen: false
  size: 8489796

 ~ o ~

Part of /etc/mail/sendmail.mc

...

MASQUERADE_DOMAIN(bradcan.homelinux.com)
MASQUERADE_DOMAIN(localhost)dnl
MASQUERADE_DOMAIN(localhost.localdomain)dnl
MAILER(smtp)dnl
MAILER(cyrusv2)dnl
MAILER_DEFINITIONS
Mcyrusv2,    P=[IPC], F=_MODMF_(CONCAT(_DEF_CYRUSV2_MAILER_FLAGS,
CYRUSV2_MAILER_FLAGS), `CYRUSV2'),
        S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMT, E=\r\n,
        _OPTINS(`CYRUSV2_MAILER_MAXMSGS', `m=', `,
')_OPTINS(`CYRUSV2_MAILER_MAXRCPTS', `r=', `,
')_OPTINS(`CYRUSV2_MAILER_CHARSET', `C=', `,
')T=DNS/RFC822/SMTP,_CYRUSV2_QGRP
        A=CYRUSV2_MAILER_ARGS

/etc/cyrus.conf:

# standard standalone server implementation

START {
  # do not delete this entry!
  recover	cmd="ctl_cyrusdb -r"

  # this is only necessary if using idled for IMAP IDLE
  idled		cmd="idled"
}

# UNIX sockets start with a slash and are put into /var/lib/imap/sockets
SERVICES {
  # add or remove based on preferences
  imap		cmd="imapd" listen="imap" prefork=5
  imaps		cmd="imapd -s" listen="imaps" prefork=1
  pop3		cmd="pop3d" listen="pop3" prefork=3
  pop3s		cmd="pop3d -s" listen="pop3s" prefork=1
  sieve		cmd="timsieved" listen="sieve" prefork=0

  # these are only necessary if receiving/exporting usenet via NNTP
#  nntp		cmd="nntpd" listen="nntp" prefork=3
#  nntps		cmd="nntpd -s" listen="nntps" prefork=1

  # at least one LMTP is required for delivery
#  lmtp		cmd="lmtpd" listen="lmtp" prefork=0
  lmtpunix	cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1

  # this is only necessary if using notifications
#  notify	cmd="notifyd" listen="/var/lib/imap/socket/notify" proto="udp" prefork=1
}

EVENTS {
  # this is required
  checkpoint	cmd="ctl_cyrusdb -c" period=30

  # this is only necessary if using duplicate delivery suppression,
  # Sieve or NNTP
  delprune	cmd="cyr_expire -D 7 -E 3 -X 7" at=0400

  # this is only necessary if caching TLS sessions
  tlsprune	cmd="tls_prune" at=0400
}

and /etc/imapd.conf
[root at dell2600-1 brad]# cat /etc/imapd.conf
configdirectory: /var/lib/imap
partition-default: /var/spool/imap
admins: cyrus
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail
hashimapspool: true
sasl_pwcheck_method: auxprop
sasl_mech_list: DIGEST-MD5 CRAM-MD5
#
sasl_auxprop_plugin:sql
sasl_sql_engine:mysql
sasl_sql_hostnames:127.0.0.1:3306
sasl_sql_user:mail
sasl_sql_passwd:qy19pbV63
sasl_sql_database:mail
sasl_sql_select:SELECT pwd('%u','%r');
#
allowplaintext: no
unixhierarchysep: yes
virtdomains: userid
#
tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
tls_cipher_list: TLSv1:SSLv3:!NULL:!EXPORT:!DES:!LOW:@STRENGTH

More information about the Info-cyrus mailing list