mail(tripit): send From: plans@viktorbarzin.me instead of spam@

tripit outbound (linked-email verification + trip-share invites) was sent
From: spam@viktorbarzin.me. Switch the From to plans@viktorbarzin.me while
keeping SMTP auth as spam@ (its password, unchanged).

docker-mailserver SPOOF_PROTECTION (reject_sender_login_mismatch) requires
the authed login to "own" the From; the @viktorbarzin.me catch-all does NOT
grant that per-address, so add an explicit `plans@ -> spam@` virtual alias to
authorize it (also keeps inbound plans@ routing to spam@ for the mail-ingest
poller). tripit SMTP_FROM flips to plans@.

Verified: sender-login probe (auth spam@, MAIL FROM plans@) now 250 (was 553);
a real send from the tripit pod logs from=<plans@viktorbarzin.me> accepted.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

stacks/mailserver/modules/mailserver/extra/aliases.txt

@@ -3,3 +3,10 @@ closely-keith-generated@viktorbarzin.me vbarzin@gmail.com
 literally-paolo-generated@viktorbarzin.me viktorbarzin@fb.com
 hastily-stefanie-generated@viktorbarzin.me elliestamenova@gmail.com
 vaultwarden@viktorbarzin.me me@viktorbarzin.me
+
+# plans@ -> spam@: authorizes tripit (SMTP-authed as spam@) to send mail
+# From: plans@viktorbarzin.me under docker-mailserver SPOOF_PROTECTION (the
+# smtpd_sender_login_maps union exact-matches this alias to spam@; the @domain
+# catch-all does NOT, so an explicit entry is required). Also keeps inbound
+# plans@ routing to spam@ for the tripit mail-ingest poller.
+plans@viktorbarzin.me spam@viktorbarzin.me