Hide Forgot
Have just upgraded to RedHat 6.0 (i.e. sendmail 8.9.3) from RedHat 5.2 with sendmail 8.8.7 - forwarding has stopped working. The security improvements in sendmail stop .forward files being read from group writable directories However, out-of-the box, RedHat has User Private Groups and a umask of 002. Sendmail complains, and won't read the .forward file. This could be fixed with ODontBlameSendmail, but I feel it's a more fundamental problem. UPG is secure (ish), but sendmail can't distinguish between a secure setup with group writable dirs and an insecure one. See related problem with procmail.
If we change these security checks for sendmail to be more relaxed thenwe face the problem of the NFS mounted directories, other setups, etc. No matter how we go about it somebody will get upset either that we left the default in place or that we did not. Requiring .forward files to have 600 permission is a sensible thing to do anyway when it comes to security, regardless of the UPG being used.