email-mirror: Add a standalone server that processes incoming email.

Using postfix to handle the incoming email gateway complicates things
a great deal:

- It cannot verify that incoming email addresses exist in Zulip before
  accepting them; it thus accepts mail at the `RCPT TO` stage which it
  cannot handle, and thus must reject after the `DATA`.

- It is built to handle both incoming and outgoing email, which
  results in subtle errors (1c17583ad5, 79931051bd, a53092687e,
  #18600).

- Rate-limiting happens much too late to avoid denial of
  service (#12501).

- Mis-configurations of the HTTP endpoint can break incoming
  mail (#18105).

Provide a replacement SMTP server which accepts incoming email on port
25, verifies that Zulip can accept the address, and that no
rate-limits are being broken, and then adds it directly to the
relevant queue.

Removes an incorrect comment which implied that missed-message
addresses were only usable once.  We leave rate-limiting to only
channel email addresses, since missed-message addresses are unlikely
to be placed into automated systems, as channel email addresses are.

Also simplifies #7814 somewhat.

scripts/restart-server

@@ -110,6 +110,8 @@ if has_application_server():
     # the restart is fine, as clients will transparently retry.
     workers.append("zulip-tus")
 
+    workers.extend(list_supervisor_processes(["zulip-email-server"]))
+
 if has_process_fts_updates():
     workers.append("process-fts-updates")
 

scripts/stop-server

@@ -51,6 +51,7 @@ if has_application_server():
     services.append("zulip-workers:*")
     services.append("zulip-tus")
     services.append("zulip-katex")
+    services.append("zulip-email-server")
     if has_application_server(once=True):
         # These used to be included in "zulip-workers:*"; we may be
         # stopping an older version of Zulip, which has not applied