I have heard that the NMS formmail is secure. We use it as a replacement to Matt's FormMail script on our servers, and we haven't seen any spam being sent from that script. Matt FormMail script seemed to always have exploits, but they may have been just because it was popular so everyone looked for exploits. If NMS becomes popular, I'm sure some exploits will eventually be found.
As for Matt's FormMail script. I believe the latest version is 1.92. This version should fix all the previous exploits.
i haven't used it myself, but have heard good things about nms. this is what matt has to say about nms.
While the free code found at my web site has not evolved much in recent years, the general programming practices and standards of CGI programs have. nms is an attempt by very active programmers in the Perl community to bring the quality of code for these types of programs up to date and eliminate some of the bad programming practices and bugs found in the existing Matt's Script Archive code.
I would highly recommend downloading the nms versions if you wish to learn CGI programming. The code you find at Matt's Script Archive is not representative of how even I would code these days.
i've seen so many form mailers get exploited ... so using nms would most likely be a good idea.