Look for SMTP Auth's, and failures.

Still need password hash support of some sort still. But this is basically in there.

(The password-hash feature is for this: If a user changes their password, and forgets to update all of their devices, that device will continually generate authentication failures. I want to distinguish between retrying the same password, over and over, versus trying a whole bunch of different passwords. So I figure store a hash of the old passwords that were attempted, and don't penalize the user if they retry one that they already had tried before)