I am sorry for my absence from posting and general help, I had family problems that consumed my time.
Yes, Spacedust posted a script which a hacker was using on his server. It was checking for qmail and then sending mail directly through qmail.
I had a fix, but again, posting the fix gives the hacker the key as well. I am working on a fix now. I actually have it done, just need to test a bit more. The script is going to essentially rename the qmail sendmail original to a random name, and save this into the new sendmail wrapper conf automatically. This will stop any direct use of qmail sendmail. I also optimized the code again, since I hit about 2000 mail in/out for a legitimate customer, and found a place in the code that needed it.
I will post the new files and information as soon as possible. Again, sorry for the delay and my absence.