Add support for SMTP TLS reports

When enabled the tlsrpt services will send out aggregated reports about
TLS connections the local Postfix made to interested parties, who set up
a `_smtp._tls` TXT record with a rua attribute.

Introduces mailserver.systemContact to specify an administrative contact
advertised in these automated reports.

mail-server/postfix.nix

@@ -242,6 +242,16 @@ let
 in
 {
   config = lib.mkIf cfg.enable {
+    # SMTP TLS error reporting (RFC 8460)
+    services.tlsrpt = {
+      inherit (cfg.tlsrpt) enable;
+      configurePostfix = true;
+      reportd.settings = {
+        organization_name = cfg.systemName;
+        contact_info = "${cfg.systemContact}";
+        sender_address = "noreply-tlsrpt@${cfg.systemDomain}";
+      };
+    };
 
     # SMTP client policy mapping for DANE (RFC 6698) and MTA-STS (RFC 8461)
     services.postfix-tlspol = {