3.2.7.2. NFS and Sendmail
Never put the mail spool directory, /var/spool/mail/
, on an NFS shared volume.
Because NFSv2 and NFSv3 do not maintain control over user and group IDs, two or more users can have the same UID, and receive and read each other's mail.
With NFSv4 using Kerberos, this is not the case, since the SECRPC_GSS
kernel module does not utilize UID-based authentication. However, it is still considered good practice not to put the mail spool directory on NFS shared volumes.