First, you have already been hacked - whether it was from an inside source or outside. You need to build a new server (if possible) and replace the old keeping the old for investigation into who did what.
If you can't do that, then disconnect the server, rebuild it, shut off all services after rebuilding but add ssh to the server. Insure your version of Sendmail is set up to not allow relays. Make sure your group is the only one with root. Don't allow root remote logins. Put it back on-line.
Check out the following links:
To check if you are a open-relay:
Network Abuse Clearinghouse
If you are using Sendmail:
Sendmail
Solaris 7 may have the Sunscreen Lite product for free - use it and
read up on securing your Solaris server.
If you are running more than Sendmail on the server, remove the other apps and put them on their own box. The more a hacker has to use against you the worst off you are.
Search Sunsolve BigAdmin