postfix: add "trickle" transport for delayed sending of bulk messages

This change adds a "trickle" transport for sending many messages to
certain destination domains. "trickle" will send a maximum of 3 messages
per minute to prevent over-eager SPAM detectors from blocking us.

The list of destination domains is maintained manually in the
etc/postfix/transport file. Sensible defaults are included.

Signed-off-by: Thilo Fromm <thilo.alexander@gmail.com>

Dashboards: show mailserver version

This change adds displaying the current mailserver version (as per
VERSION release file) to the main dashboard. If no version can be
detected (e.g. when running from a branch, or from main) then "unknown"
is displayed.

Signed-off-by: Thilo Fromm <thilo.alexander@gmail.com>

Refresh: dovecot 2.4.2 ,apline 3.23.2, f2b-exp 0.10.3, prips 1.2.2

This commit updates dovecot to 2.4.2, refreshes the mailserver container
to the latest Alpine release and includes minor version bumps for
fail2ban-exporter and prips.

BREAKING CHANGE: Dovecot 2.4 significantly changed its configuration
format and requires manual porting. See
https://doc.dovecot.org/2.4.0/installation/upgrade/2.3-to-2.4.html
for a list of changes.

The commit updates dovecot/.. config snippets accordingly. To update:

0. Stop the mailserver: `systemctl stop mailserver`
1. Back up `_server_workspace_/etc/dovecot`.
2. Update VERSION to use mailserver v1.4.0
3. CAREFULLY Replace your mailserver's
    `_server_workspace_/etc/dovecot/...`
  with the release's
    `dovecot/...`
  0. If you did not modify any of the files, it's safe to delete
     `_server_workspace_/etc/dovecot/...`
     and just copy the release's `dovecot/...` to
     `_server_workspace_/etc/dovecot/...`.
  1. If you made modifications in files shipped with mailserver, you
     will need to port these to the new syntax.
  2. If you made modifications in default config files shipped with
     Alpine (and included in the mailserver container) you will need to
     port these, too.
4. Start the mailserver: `systemctl start mailserver` (and also any
   optional contrib or monitoring services as required).

Signed-off-by: Thilo Fromm <thilo.alexander@gmail.com>

Dockerfile: fix entrypoint warnings

Entrypoint is a JSON array now; also it's entirely uppercase to address
docker build warnings.

Signed-off-by: Thilo Fromm <thilo.alexander@gmail.com>

start_mailserver.sh: force ipv4 for port binding

Signed-off-by: Thilo Fromm <thilo.alexander@gmail.com>

dashboards: better cert expiry chart

Signed-off-by: Thilo Fromm <thilo.alexander@gmail.com>

relase.sh: record versions of important packages

Signed-off-by: Thilo Fromm <thilo.alexander@gmail.com>

Dockerfile: bump fail2ban_exporter to 0.10.1

Signed-off-by: Thilo Fromm <thilo.alexander@gmail.com>

scripts/entry.sh: fix cert renewal

Certificate renewal was broken because renewed certificates were stored
in the container's /etc/letsencrypt, which was subsequently removed and
soft-linked from /host/etc/letsencrypt.

This change fixes that by moving cert renewal after the /host/etc ->
/etc handling. It also disables certbot's random sleep before renewal
since that would impact the mailserver's startup time.

Signed-off-by: Thilo Fromm <github@thilo-fromm.de>

Update f2b-exporter to 0.9, add publish workflow

Signed-off-by: Thilo Fromm <thilo.alexander@gmail.com>