refer
http://larholm.com/2007/06/11/phpmailer-0day-remote-execution/
Though this is a fatal (sudden-death) vulnerability, it is not the default setting.
If you dare to change the value of mailmethod from "php mail()" to "sendmail", change it to the other values.
I've just released Protector-3.04 with this check.
If you leave such a setting, protector alerts "phpmailer security hole! Change the preferences of mail from "sendmail" to another, or upgrade the core right now!" to you.