Since the maintainer password is send in cleartext with the x_command interface of SmartList I made some scripts and patches to enable SmartList to process x_commands with encrypted passwords. The encryption mechanismn is Twofish. Encryption can be enabled/disabled with a variable in rc.custom. Two small patches for rc.request and the x_command script are necessary.
Grab it at
ftp://ftp.pure.ch/smartlist/
It's called xc_sec-0.1.tar.gz.
Werner