Here's the security setup that's required:
--create the role in msdb
USE [msdb]
GO
/****** Object: DatabaseRole [CanSendEmail] Script Date: 11/03/2005 09:31:08 ******/
CREATE ROLE [CanSendEmail] AUTHORIZATION [dbo]
grant select on sysmail_account to CanSendEmail
grant select on sysmail_profile to CanSendEmail
grant select on sysmail_profileaccount to CanSendEmail
grant execute on sysmail_add_principalprofile_sp to CanSendEmail
grant execute on sysmail_add_profileaccount_sp to CanSendEmail
grant execute on sysmail_add_account_sp to CanSendEmail
grant execute on sysmail_add_profile_sp to CanSendEmail
grant execute on sp_send_dbmail to CanSendEmail
--create the login
CREATE LOGIN [emailonlyuser] WITH <A href="mailtoASSWORD=N's@'">PASSWORD=N'somepassword', DEFAULT_DATABASE=[yourdatabase], DEFAULT_LANGUAGE=[us_english], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF
GO
use yourdatabase
GO
exec sp_adduser 'emailonlyuser'
Grant execute on prcSendmail to emailonlyuser
GO
Use MSDB
GO
exec sp_adduser 'emailonlyuser','emailonlyuser','CanSendEmail'
GO