Perl doesn't know that sendmail isn't going to use its $PATH variable to spawn a subprocess. For this reason any call to system() or qx() or `command...` will balk if $ENV{PATH} is tainted, and it will always be tainted when Perl first starts. The solution is to just add the line

$ENV{PATH} = "/bin";
[download]

at the start of any script that runs with -T. You can add more directories to the path such as /usr/bin at your discretion, but the directories had best not be writable by malicious users.