feat: add LightBridge Mail Service sidecar scaffold

[WilliamWang1721]

Summary

This continues executing the LightBridge Mail Service plan with a Phase 1 sidecar scaffold that can now survive process and container restarts.

Added:

• Optional mailservice sidecar Go module.
• /mail/v1 HTTP API scaffold.
• LBMS API key authentication for non-health routes.
• Durable LBMS-owned JSON store controlled by LBMS_DATA_PATH.
• Atomic write path for mailbox and OAuth binding metadata.
• Mailbox list API for the mailbox pool UI.
• Account mailbox-link lookup API.
• Bidirectional mailbox and OAuth binding model.
• One mailbox to many OAuth account bindings.
• One active mailbox binding per OAuth account.
• Verification-code proxy path through an internal mail driver.
• Optional Docker Compose deployment file with a named persistent data volume.
• Optional systemd unit and installer script.
• LightBridge UI module manifest and frontend scaffold.
• Mail service home and mailbox pool UI now read live /mail/v1/mailboxes metrics.
• Unit tests for persistence, one-mailbox-to-many-OAuth bindings, and account mailbox reassignment.

Design constraints preserved:

• User-facing brand is LightBridge Mail Service / LBMS.
• LightBridge core is not modified.
• LightBridge account extra should only persist lbms_link.
• Lower-level mail driver details remain internal.
• Mailbox records and OAuth binding metadata live in the LBMS sidecar store, not in the LightBridge main account table.

Current limitations

• Store is durable but still a single-node JSON file; SQLite/PostgreSQL remains the preferred production target for high write concurrency.
• LightBridge API Key verification is not implemented yet; Phase 1 uses LBMS_API_KEY.
• Frontend settings currently use browser storage as a scaffold.
• OAuth post-save binding flow still needs integration with the account save lifecycle.
• Audit log API and rate limiting are not implemented yet.

Local verification

Ran locally in the mailservice module:

go test ./...
node --check examples/modules/lightbridge-mail-service/frontend/remoteEntry.js

Next implementation targets

• Add audit log model and endpoints.
• Add LightBridge API Key verification adapter.
• Replace frontend browser storage with LightBridge module settings/secrets.
• Wire OAuth account save flow to link-or-create and write only extra.lbms_link.
• Add production database adapter after the API shape stabilizes.