Seriously? Anyone who ran sendmail in the mid to late '90s can't help but remember the "Sendmail bug of the month club." Remote root exploits all the time. This was well into the sendmail 8 days. This was a big incentive for things like qmail and postfix to start from scratch with a much better security architecture.
Any look at "lessons from 30 years of sendmail" that doesn't include the terrible security story isn't serious at all.