My guess would be that the referer is being checked & doesn't have the expected site. Do you get the error if you copy & paste the submission url into the location bar? Could be the referer has to be 'www.site.com' and the affected users are surfing to 'site.com'?
I agree with the reply above. The script is probably trying to eliminate remote access from outside domains and is not accounting for subdomains (which should be valid). To test that theory try submitting your form from both domain.com/form.html and www.domain.com/form.html to see if it happens to you. If it does, you can either add the missing variation to the script where it checks for that or better yet, ask your host to always redirect one variation to the other.
Even if it is your script, I strongly suggest that you DON'T remove the domain check unless you're perfectly OK with the extremely likely possibility that some malicious or curious person will remotely submit your script countless times per second, filling up your inbox and leaving you scrambling to disable the script as you curse yourself and everyone else while struggling to put the domain check back in so that your script can go back live.
Just add all possible VALID domains to the list and do it right the first time.
The sections in question should look something like this: