feat(profiler): track SMTP victim domains per attacker

New SmtpTarget table records each (attacker, domain) pair observed via
the SMTP honeypots. Only the domain is stored — local-parts are dropped
at ingestion, so this table holds no user-identifying data beyond the
target organisation's identity.

The profiler worker extracts domains from rcpt_to / rcpt_denied /
message_accepted events, normalizes them (lowercase, strip local-part,
drop blocked TLDs), and upserts one row per pair with a running count +
first_seen / last_seen.

Three repo methods shipped:
  * increment_smtp_target(attacker, domain) — upsert + bump
  * list_smtp_targets(attacker) — per-attacker view
  * smtp_target_seen(domain) — cross-attacker aggregate, shaped as the
    federation-gossip RPC that V2 will expose.

The gossip-query shape is load-bearing: each operator can answer
"have any of your attackers targeted corp1.com?" without leaking
which attackers or when — the aggregate returns a bool + total count
+ first/last seen, nothing else.

decnet/web/db/models/__init__.py

@@ -30,6 +30,7 @@ from .attackers import (
     AttackerBehavior,
     AttackersResponse,
     SessionProfile,
+    SmtpTarget,
 )
 from .deploy import (
     DeployIniRequest,
@@ -137,6 +138,7 @@ __all__ = [
     "AttackerBehavior",
     "AttackersResponse",
     "SessionProfile",
+    "SmtpTarget",
     # deploy
     "DeployIniRequest",
     "MutateIntervalRequest",