If you run a mail server with sendmail, and a user wants to forward his mail to another server, one way is /etc/mail/virtusertable:

joe@example.com         joe@gmail.com

As you probably know, the sender address of most spam mails belongs to someone - not the spammer of course. If you refuse to accept a spam email, you must never send back an error email to the alleged sender address. Otherwise, you have become a source of unsolicited email yourself.

When in our example, gmail.com does not accept an email, your server will send an error mail to the alleged sender address.

If you watch your postmaster mailbox, you will notice this every time the alleged sender address is invalid. You might be tempted to suppress these postmaster notifications with

define(`confDOUBLE_BOUNCE_ADDRESS', `')dnl

But this only supresses the double bounces. If the sender address is valid, someone will get an error email about spam he didn't send.

The solution is to not use virtusertable for external forwarding, but instead do it in /home/joe/.procmailrc:

:0
* ^From: Mail Delivery Subsystem <MAILER-DAEMON@example.com>
* ^To: <joe@example.com>
bounced-mails

:0
! joe@gmail.com 

In this case, the sender address is set to joe@example.com before the mail is forwarded to gmail.com, and any error messages go back to joe.