Attacks from remote systems generaly rely on Sendmail commands that should be disabled. DEBUG and SHOWQ commands should be disabled on any release version of Sendmail.

Information about users can be gained using VRFY and EXPN commands. These can be disabled with an option in Sendmail.