25.8 Pitfalls

  • When sendmail collects addresses, it discards duplicates. Prior to V8 sendmail, program entries in a ~/.forward file had to be unique; otherwise, an identical entry in another user's ~/.forward caused one or the other to be ignored. Usually, this is solved by requiring the program to take an argument. If the program won't accept an argument, add a shell comment inside the quotes.

  • The database forms of the aliases(5) file contain binary integers. As a consequence, those database files cannot be shared via network-mounted file systems by machines of differing architectures. This has been fixed with V8 sendmail, which can use the 4.4 BSD UNIX db(3) form of database.

  • As network-mounted file systems become increasingly common, the likelihood that a user's home directory will be temporarily unavailable increases. Prior to V8 sendmail this problem was not handled well. Instead of queueing mail until a user's home directory could be accessed, sendmail wrongly assumed that the ~/.forward didn't exist. This caused mail to be delivered locally when it should have been forwarded to another site. This can be fixed by using the ForwardPath (J) option (see Section 34.8.27) of V8 sendmail.

  • Prior to V8 sendmail there was no way to disable user forwarding via ~/.forward files. At sites with proprietary or confidential information there was no simple way to prevent local users from arbitrarily forwarding confidential mail offsite. But ~/.forward files can be centrally administered by using the ForwardPath (J) option (see Section 34.8.27) of V8 sendmail, even to the point of completely disabling forwarding with OJ/dev/null.

  • Programs run from ~/.forward files should take care to clear or reset all untrusted environment variables. Only V8 properly presets the environment.

  • If a user's ~/.forward file evaluates to an empty address, the mail will be silently discarded. This has been fixed in IDA and V8 sendmail.

  • A program run from a ~/.forward file is always run on the machine running sendmail. That machine is not necessarily the same as the machine housing the ~/.forward file. When user home directories are network-mounted, it is possible that one machine may support the program (such as /usr/ucb/vacation), while another may lack the program or call it something else (such as /usr/bsd/vacation). Note that if smrsh(1) is used, the path is ignored.
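
For the pitfall above about untrusted environment variables, here is one way a program run from ~/.forward can reset its environment before doing any work. This is an added example, not code from sendmail or from this book; the wrapper path, the forced values, and the TZ/LANG allowlist are assumptions.

```c
/* Added example: environment-resetting wrapper for a program run from ~/.forward. */
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define MAX_ENV 16
extern char **environ;

/* Values forced no matter what the caller supplied (choices are assumptions). */
static const char *const FORCED[] = { "PATH=/bin:/usr/bin", "IFS= \t\n", "SHELL=/bin/sh", NULL };
/* Names allowed through unchanged; everything else (LD_*, ENV, ...) is dropped. */
static const char *const KEEP[] = { "TZ", "LANG", NULL };

/* Return 1 if out[0..n) already holds a variable called name[0..len). */
static int has_name(const char *out[], int n, const char *name, size_t len)
{
    for (int i = 0; i < n; i++)
        if (strncmp(out[i], name, len) == 0 && out[i][len] == '=')
            return 1;
    return 0;
}

/* Fill out[] with a clean, NULL-terminated environment; return entry count. */
int build_clean_env(char *const envp[], const char *out[], int max)
{
    int n = 0;
    for (int i = 0; FORCED[i] && n < max - 1; i++)
        out[n++] = FORCED[i];
    for (int i = 0; envp && envp[i] && n < max - 1; i++) {
        const char *eq = strchr(envp[i], '=');
        if (eq == NULL)
            continue;                       /* malformed entry: drop it */
        size_t len = (size_t)(eq - envp[i]);
        for (int k = 0; KEEP[k]; k++)
            if (strlen(KEEP[k]) == len && strncmp(envp[i], KEEP[k], len) == 0
                && !has_name(out, n, envp[i], len))  /* first copy wins */
                out[n++] = envp[i];
    }
    out[n] = NULL;
    return n;
}

/* ~/.forward entry (hypothetical path): "|/usr/local/bin/cleanenv /path/to/prog args" */
int main(int argc, char *argv[])
{
    const char *clean[MAX_ENV];
    if (argc < 2)
        return 64;                          /* EX_USAGE */
    build_clean_env(environ, clean, MAX_ENV);
    execve(argv[1], &argv[1], (char *const *)clean);
    perror("execve");
    return 75;                              /* EX_TEMPFAIL: let sendmail retry later */
}
```

Keeping only the first copy of a duplicated name matters because different programs and libraries may pick different copies when a name appears twice.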

