The ESPs that process mail, such as xp_findnextmsg, xp_readmail, xp_sendmail, and xp_deletemail, are database objects owned by the system administrator.
To prevent unauthorized users from accessing Sybmail to execute queries that they would normally not be able to execute, limit execution permission of these procedures to users with the sa_role or to a very small group of users.