JT> I have been running been running smtp-auth for years, [...]

.... but haven't configured its password checking correctly, and the
unsolicited bulk mailers have finally spotted this.

220 roam.unifiedmind.com ESMTP
EHLO 0
250-roam.unifiedmind.com
250-AUTH LOGIN CRAM-MD5 PLAIN
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-PIPELINING
250 8BITMIME
AUTH LOGIN
334 VXNlcm5hbWU6
piddle
334 UGFzc3dvcmQ6
piddle
235 ok, ¦']à, go ahead (#2.0.0)
MAIL FROM:<Spurious@example.invalid>
250 ok
RCPT TO:<Spurious@example.invalid>
250 ok
DATA
354 go ahead

The most common configuration mistake that produces this behaviour is to
forget one of the new arguments to "qmail-smtpd" and to thus end up running
"/bin/true" as one's password checking utility.