When sendmail
collects addresses, it discards duplicates. Prior to V8
sendmail, program entries in a
~/.forward
file had to be unique; otherwise, an
identical entry in another user's
~/.forward caused one or the other to be
ignored. Usually, this is solved by requiring the program to take an
argument. If the program won't accept an argument,
add a shell comment inside the quotes.
The database forms of the aliases(5) file
contain binary integers. As a consequence, those database files
cannot be shared via network-mounted filesystems by machines of
differing architectures. This has been fixed with V8
sendmail, which can use the Sleepycat
db(3) form of database—if you define NEWDB
(NEWDB) when building
sendmail.
As network-mounted filesystems become increasingly common, the
likelihood that a user's home directory will be
temporarily unavailable increases. Prior to V8
sendmail this problem was not handled well.
Instead of queueing mail until a user's home
directory could be accessed, sendmail wrongly
assumed that the ~/.forward
didn't exist. This caused mail to be delivered
locally when it should have been forwarded to another site. This can
be fixed by using the ForwardPath option (ForwardPath) of V8 sendmail.
Prior to V8 sendmail there was no way to disable
user forwarding via ~/.forward files. At sites
with proprietary or confidential information there was no simple way
to prevent local users from arbitrarily forwarding confidential mail
offsite. But ~/.forward files can be centrally
administered by using the ForwardPath option
(ForwardPath) of V8 sendmail,
even to the point of completely disabling forwarding with:
define(`confFORWARD_PATH', `')
Programs run from ~/.forward files should take
care to clear or reset all untrusted environment variables. Only V8
properly presets the environment.
If a user's ~/.forward file
evaluates to an empty address, the mail will be silently discarded.
This has been fixed in IDA and V8 sendmail.
A program run from a ~/.forward file is always
run on the machine running sendmail. That
machine is not necessarily the same as the machine housing the
~/.forward file. When user home directories are
network-mounted, it is possible that one machine might support the
program (such as /usr/ucb/vacation), while
another might lack the program or call it something else (such as
/usr/bsd/vacation). Also, if the program lives
under the user's home, it might not be compiled
correctly to run on the server. Note that if
smrsh (Section 5.8.2) is used,
the path is ignored.
