I'm wondering what people do to restrict their users from sending mail from the webserver with any sender they want?

I've disabled the mail() function and I've read something about formmail but haven't really got then hang of it. Does it allow me to specify a sender that will be standard for a specific site which they can't change?

Does anyone have a link or something to a formmail script?

I want my users to be able to have a contact form on their site but not so they can specify the sender parameter by them self. I've seen sites which gotten hacked and the hacker used it to send shitloads of spam from different sender-addresses.
So how do I prevent this?