When sendmail collects addresses, it discards duplicates. Prior to V8 sendmail, program entries in a ~/.forward file had to be unique; otherwise, an identical entry in another user's ~/.forward caused one or the other to be ignored. Usually, this is solved by requiring the program to take an argument. If the program won't accept an argument, add a shell comment inside the quotes.
The database forms of the aliases(5) file contain binary integers. As a consequence, those database files cannot be shared via network-mounted file systems by machines of differing architectures. This has been fixed with V8 sendmail, which can use the 4.4 BSD UNIX db(3) form of database.
As network-mounted file systems become increasingly common, the likelihood
that a user's home directory will be temporarily unavailable
increases. Prior to V8 sendmail this problem was not handled
well. Instead of queueing mail until a user's home
directory could be accessed, sendmail wrongly assumed that the
~/.forward didn't exist. This caused mail to be delivered
locally when it should have been forwarded to another site.
This can be fixed by using the
ForwardPath
(J
) option (see Section 34.8.27)
of V8 sendmail.
Prior to V8 sendmail
there was no way to disable user forwarding via ~/.forward
files. At sites with proprietary or confidential information
there was no simple way to prevent local users from arbitrarily
forwarding confidential mail offsite.
But ~/.forward files can be centrally administered
by using the
ForwardPath
(J
) option (see Section 34.8.27)
of V8 sendmail, even to the point of
completely disabling forwarding with OJ/dev/null
.
Programs run from ~/.forward files should take care to clear or reset all untrusted environment variables. Only V8 properly presets the environment.
If a user's ~/.forward file evaluates to an empty address, the mail will be silently discarded. This has been fixed in IDA and V8 sendmail.
A program run from a ~/.forward file is always run on the machine running sendmail. That machine is not necessarily the same as the machine housing the ~/.forward file. When user home directories are network-mounted, it is possible that one machine may support the program (such as /usr/ucb/vacation), while another may lack the program or call it something else (such as /usr/bsd/vacation). Note that if smrsh(1) is used, the path is ignored.