[CentOS] sendmail substitute?

> What could be so insecure about using sendmail localy?
> Don't start the daemon, so it is not listening...
> Or the firewall will block the port anyway...
> If the mail is sent to a trusted mail server, there is no risks.
> Am I missing something?
>
On a hardened, production, well configured server that strategy would 
simply be a part of a "Defence-in-Depth" security strategy.

What's the worst that could happen?