smrsh
Many hacks depend(ed) on weaknesses of sendmail
smrsh (sendmail-restricted-shell) limits what can be invoked from sendmail shell
There seems to be some disagreement over whether this is still needed with latest versions of sendmail
Notes:
Many hacks in the past have relied upon weaknesses of sendmail, that allowed powerful shell commands to be exploited. the sendmail restricted shell, smrsh, was devised to limit the potential for damage.
The relevant page at CERT still seems to advocate the use of smrsh. However, other informants have suggested that the latest versions of sendmail are no longer fundamentally vulnerable, and that smrsh is no longer needed. I am unsure of the rights and wrongs of this at present.