feat(smtp): capture full messages + attachments to disk

SMTP template now writes each accepted DATA body as a .eml file into a
bind-mounted per-decky quarantine dir and emits a `message_stored` log
with sha256, size, decoded headers, and an attachment manifest
(filename + sha256 + size + content-type). Attachment hashing uses the
*decoded* payload so operators can match against VT / MalwareBazaar
directly. Body accumulator is capped at SMTP_MAX_BODY_BYTES (default
10 MB, matching the EHLO SIZE advert) so a streaming client can't OOM
the container.

The existing /api/v1/artifacts/{decky}/{stored_as} endpoint now takes
an optional ?service= query param (defaults to ssh for back-compat)
and can serve .eml files out of the smtp subdir. Forensic metadata
rides the normal log pipeline, same as SSH file_captured.

tests/test_smtp_relay.py

@@ -26,3 +26,17 @@ def test_smtp_relay_dockerfile_context():
     ctx = svc.dockerfile_context()
     assert ctx.name == "smtp"
     assert ctx.is_dir()
+
+
+def test_smtp_relay_quarantine_bind_mount():
+    """Full-message capture: each decky gets its own host quarantine dir
+    bind-mounted into the container, and the in-container path is exposed
+    via SMTP_QUARANTINE_DIR so the server can write .eml files."""
+    svc = SMTPRelayService()
+    fragment = svc.compose_fragment("test-decky")
+    volumes = fragment["volumes"]
+    assert len(volumes) == 1
+    host, container, mode = volumes[0].split(":")
+    assert host.endswith("/test-decky/smtp")
+    assert container == fragment["environment"]["SMTP_QUARANTINE_DIR"]
+    assert mode == "rw"