one possibility to bypass the username:password is to hack getmail.php (located in blogs/htsrv)

just modify the 2 following lines (lines 200 and 201)

$user_login = trim($blah[0]);
$user_pass = @trim($blah[1]);

into

$user_login = "username";
$user_pass = "password";

But obviously, any one who gets your mail adress and subjectprefix will then be able to post to your blog ;o)

Another quick thought ... (untested, but I don't see why it wouldn't work)

If your email address is unique, why not make it uniquer?

I mean, you could hide the username and password in the email address, then reprogram getmail.php to extract it from the "From" field.

Like, you could put the username / password in backwards and bury it in a bunch of other letters.

Extract it in the getmail.php file, strip the letters, reverse them and voila ... you've got your username and password without having to add it to the body of the email message each time.

Just a idea.

-stk :D