The excuse given for removing the automatic update of the aliases database file was that it was a security issue. The thought was that someone could tapper with the file and cause problems. However, all these files are checked for proper file permissions and if they are not set correctly, sendmail will not work or at least give a warning. If someone nasty has permission to change the aliases text file, then they have permission to reck a lot more havoc on your system anyways and this change isn't going to help any. Personally, having sendmail do it itself is safer than me doing it manually. What if I'm in the process of updating the file at the same moment sendmail needs it. Sendmail could read a partial file and cause more problems. I see this already with the access file. With sendmail doing it on it's own, I don't have to worry about it. It will update it when it needs to.