13.8 Pitfalls

  • When sendmail collects addresses, it discards duplicates. Prior to V8 sendmail, program entries in a ~/.forward file had to be unique; otherwise, an identical entry in another user's ~/.forward caused one or the other to be ignored. Usually, this is solved by requiring the program to take an argument. If the program won't accept an argument, add a shell comment inside the quotes.

  • The database forms of the aliases(5) file contain binary integers. As a consequence, those database files cannot be shared via network-mounted filesystems by machines of differing architectures. This has been fixed with V8 sendmail, which can use the Sleepycat db(3) form of database if you define NEWDB (NEWDB) when building sendmail.

  • As network-mounted filesystems become increasingly common, the likelihood that a user's home directory will be temporarily unavailable increases. Prior to V8 sendmail this problem was not handled well. Instead of queueing mail until a user's home directory could be accessed, sendmail wrongly assumed that the ~/.forward didn't exist. This caused mail to be delivered locally when it should have been forwarded to another site. This can be fixed by using the ForwardPath option (ForwardPath) of V8 sendmail.

  • Prior to V8 sendmail there was no way to disable user forwarding via ~/.forward files. At sites with proprietary or confidential information there was no simple way to prevent local users from arbitrarily forwarding confidential mail offsite. But ~/.forward files can be centrally administered by using the ForwardPath option (ForwardPath) of V8 sendmail, even to the point of completely disabling forwarding with:

    define(`confFORWARD_PATH', `')

  • Programs run from ~/.forward files should take care to clear or reset all untrusted environment variables. Only V8 properly presets the environment.

  • If a user's ~/.forward file evaluates to an empty address, the mail will be silently discarded. This has been fixed in IDA and V8 sendmail.

  • A program run from a ~/.forward file is always run on the machine running sendmail. That machine is not necessarily the same as the machine housing the ~/.forward file. When user home directories are network-mounted, it is possible that one machine might support the program (such as /usr/ucb/vacation), while another might lack the program or call it something else (such as /usr/bsd/vacation). Also, if the program lives under the user's home, it might not be compiled correctly to run on the server. Note that if smrsh (Section 5.8.2) is used, the path is ignored.
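
The environment-variable pitfall above, as an added example (not code from this book or from sendmail): a small C wrapper that a ~/.forward program entry can invoke so the real program starts with a rebuilt environment instead of the inherited one. The allowlist, the fixed values and the paths in the usage comment are assumptions.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Assumed allowlist: the only variables copied from the inherited environment. */
static const char *const KEEP[] = { "HOME", "USER", "LOGNAME", "TZ", NULL };
/* Always set to known constants, whatever the caller supplied. */
static char *const FIXED[] = { "PATH=/usr/bin:/bin", "IFS= \t\n", "SHELL=/bin/sh", NULL };
#define MAX_ENV 16   /* room for FIXED + KEEP + terminating NULL */

/* Return the first "NAME=value" entry for name in an envp-style array, or NULL. */
char *env_entry(char *const env[], const char *name)
{
    size_t len = strlen(name);
    for (int i = 0; env != NULL && env[i] != NULL; i++)
        if (strncmp(env[i], name, len) == 0 && env[i][len] == '=')
            return env[i];
    return NULL;
}

/* Fill out[] with a NULL-terminated clean environment; returns the entry count. */
int build_clean_env(char *const inherited[], char *out[MAX_ENV])
{
    int n = 0;
    for (int i = 0; FIXED[i] != NULL; i++)
        out[n++] = FIXED[i];
    for (int k = 0; KEEP[k] != NULL; k++) {
        char *entry = env_entry(inherited, KEEP[k]);
        if (entry != NULL)
            out[n++] = entry;   /* first definition wins; later duplicates are dropped */
    }
    out[n] = NULL;
    return n;
}

extern char **environ;
/* Usage in ~/.forward (hypothetical paths): "|/usr/local/bin/cleanenv /usr/local/bin/filter" */
int main(int argc, char *argv[])
{
    char *clean[MAX_ENV];
    if (argc < 2) {
        fprintf(stderr, "usage: %s /full/path/to/program [args...]\n", argv[0]);
        return 64;              /* EX_USAGE */
    }
    build_clean_env(environ, clean);
    execve(argv[1], &argv[1], clean);
    perror("execve");           /* reached only if the exec failed */
    return 71;                  /* EX_OSERR */
}
```

Because the wrapper builds the new environment from an allowlist, variables such as LD_PRELOAD or ENV never reach the program, and PATH and IFS are replaced even when the inherited values look harmless.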
