But... as rightful member of sbbs_t, thus useful from other scopes.

Should get rid of all use of SYNC/ASYNC now then.

Before now, if the sysop enabled login-by-user-number and the specified login
ID *started* with a decimal digit, it'd be treated as a user number and
converted to a 32-bit integer. This could result in weird stuff, like this
error I got today:
SMTP ... !ERROR -2 getting data on user (7000401005.gc7gg@synchro.net)

7,000,401,005 is clearly greater than the number of users in my user base
on Vert, but since 7B is > 2.1B (0x7fffffff), the number would be parsed as
a *negative* integer value and thus less than the total number of users in my
userbase.

An obvious solution would be to just turn of login-by-user-number, and for
most systems, I suggest doing that (a system is less secure with it enabled).

However, I want to leave the option for sysops (at least for now) and don't
want this weird behavior so, a login by user number now requires that the
entire login ID is just decimal numbers, nothing else, and the number is
parsed as an unsigned integer. So yes, roll-over can happen for very high
numbers (>4.2B), but in no instance will the number be parsed as negative and
thus lead to an invalid user record look-up attempt.

Previously, there was no real way to tell if the call to telnet_gate() or rlogin_gate() was successful (e.g. to display or an error message to the user), though there were error/warning messages logged for the sysop. Equivalent JS bbs object methods now return Boolean too.

Include ":port" part of address argument to bbs.[telnet|rlogin]_gate methods in JSDOCS.

Removed a bunch of extraneous (copy-pasted?) JS_SET_RVAL() calls from js_bbs.cpp. This just makes the code a little easier to grok.

1) In the BBS list, show flow control, not TCP port
2) Properly ignore DCD

These methods aren't normally needed (msg scan config/ptrs are
automatically loaded upon logon and saved upon logoff), but for users
(e.g. sysops) that can be logged-in concurrently or experimenting with
scans, these methods can be useful and I plan to expose in a loadable
module next.

Clarify the JS bbs.reinit_msg_ptrs() method description a bit.

This fixes issue #62

Right now, the only preference is reverse mail listings (oldest first
or newest first). These settings are only used when reading "your mail",
not any other kind of mail reading.

bbs.read_mail() now returns the user-adjusted loadmail_mode value and
this allows us to determine the user's preferences and save them after
this function/method is called. A readmail_mod can now return a number
(other than 0) and that will be used as the return value of this method.

sbbs_t::readmail() now does the adjustment of the passed lm_mode before
calling any installed readmail_mod, so if for example, deleted message
viewing is enabled by the sysop, those LM_* flags might be set now in
the argument to the readmail_mod, wherase they never would before.

There is not yet any way for the sysop to set a new user's default
mail_settings, they'll just default to 0 for now.

email_sec.js will get some adjustments to use/store the
user.mail_settings next.

Handles integer overflow in the summing of user's credits and remaining daily
free credits.

Caught by a GCC warning.

Upon successful download of a file, recalculate and store the user's download CPS (characters/bytes per second), mainly for subsequent transfer time estimates.

In a minute, this CPS value will be of more use since it'll be reflective of the user's actual download rate (in characters/bytes per second) instead of just some randomly-chosen numeric constant.

Will track the user's last succsesful file-download transfer rate
in characters (bytes) per second.

I'm not calculating or storing this rate yet, but will be soon. This
will make the file download ETAs more realistic and no longer
hard-coded to 3000 cps (which now defaults to 10000 cps, to keep up
with the times).

New field added to user.tab placed adjacent to the other File xfer stats,
which means the leech attempt counter (likely always 0) was moved to the end
of the user record.

If a file gets added to a batch download queue that a user doesn't have download-access to (at the time of batch download), deal with that gracefully and consistently.

start_batch_download():
- Now checks current user access to download the file in both single-file and batch modes
- Now performs credit-check in single-file mode (wasn't doing so previously)
- totalsize of multi-file batch download queue is now calculated again (apparently removed/broken in the new filebase conversion of v3.19), so download ETA should be calculated more accurately (?) again
- Use gettimetodl() to calculate each file's download time for multi-file downloads
- Using new putnode_download() method to write node downloading "action" and ETA-in-aux fields
- The node status wasn't being updated at all before start of download in single-file mode - fixed

create_batchdn_lst() :
- Checks each file still downloadable by the user and if not, removes from the queue (and the generated list file).
- Performs credit check and removes files that exceed available user credit
- returns true only when 1 or more files is added to the batch download list file

addtobatdl()
- Removed redundant 'D' restriction check - this is handled by can_user_download() check already.
- Use the 'reason' out parameter from can_user_download() to determine which error string to display (not always CantDownloadFromDir).

If a user doesn't have access to download a file that's in their batch queue, remove it without saying anything to the user (but log a notice-level message about it) during logon. Files that no longer exist in the filebase are treated the same way.

Eliminate some copy/pasta.

Default to 100000 (cps) if passed a rate_cps argument value of 0.

Migrated from sbbs_t::start_batch_download(), this just calculates the ETA (of transfer completion) and writes to the node's aux field in the proper format.

These text.dat strings require an argument (and normally used with the NOACCESS @-code which uses the noaccess_str and noaccess_val member variables), so not appropriate to use as a reason code here. Use more generic (no argument) text.dat item numbers instead.

Fixes a stale non-zero error_count retained topic.

Pretty much any From field that contains an '@' in the username portion
was subject to comparison to the full email address, but clearly some of
these rejected emails were not forge attempts:

'Chris @ StubHub' vs 'events@mail.stubhub.com'
'Eric S. Raymond (@esr)' vs 'gitlab@mg.gitlab.com'

Fixed by requiring that the sender name is actually a well-formed Internet
email address using smb_netaddr_type(), which was also recently improved to
be more accurate.

Unrelated change: include reverse-path (email address for bounces) in
ILLEGALLY-LONG body and header line log messages (usually SPAM from what
I can tell).

... instead of undefined, to match what the documentation already stated.

smb_netaddr_type():
- if passed NULL or a string that begins with whitespace, now returns NET_NONE.
- if passed a string that begins with '@', now returns NET_UNKNOWN.
- if the user.name portion of an otherwise value Internet email address
  contains a space, now returns NET_NONE.

smb_get_net_type_by_addr()
- if passed a string that begins with '@', now returns NET_UNKNOWN.
- if passed a string with space following '@', will now return NET_UNKNOWN.
- if passed a string without a dot following '@', will never return NET_INTERNET.

Unrelated change: Add the missing FILE attribute to smb_msgattrstr()

SMTP commands have a shorter limit (510 versus 998) and the body text line limit needed to account for dot-stuffing. 

Log a warning message and send a "500 Line too long" before disconnecting any SMTP client that sends lines > 998 characters in length. Technically, we can handle lines up to 1023 characters, but then we could get out of sync with the client if it sends exactly 1023 chars and then a new-line char (which we would interpret as a blank line, separating the message header and body) - so just punt the client who doesn't obey the rules of the protocol.

Update newuserdefaults() to use the new sysop-configured Chat and QWK new user settings/values (commit 56b8fd86).

Use newuserdefaults() in newuser.cpp and makeuser.c, eliminating a lot of copy/pasta.

Added chat-settings to SCFG->System->New User Values->Toggle Options
Added new menu: SCFG->System->New User Values->QWK Packet Settings

Moved SCFG->System->New User Values->Question Toggles to:
      SCFG->System->New User Prompts...

This fixes issue #11

This includes a new JS bbs method: bbs.chat_sec()

And the old command shells written in Baja now call the PCMS
chat_section function, as they used to, rather than hard-coding the
name of the module to execute.

Most sysops didn't know it, but if exec/feedback.* existed, it would be
executed just before any user sent an email to the sysop (user #1),
excluding new user validation requests:
- make this module name configurable and loadable from mods
- support JS module here (exit(1) to abort the feedback)
- invoke for email being sent to *any* sysop (not just user #1)
- don't invoke the module when sending *from* a sysop account

This fixes issue #16

This fixes issue #525

Thanks to Nelgin for providing the test platform.

You want to replace the built-in batch file transfer menu with your own
loadable module across all command shells? Now you can.

Apparently I missed this in commit bcce78c6.

Many dynamically-generated (e.g residential) hostnames are much > 30
chars. And we can now increase user.tab fields fairly arbitrarily, so
let's. :-)

Also rename LEN_COMP to LEN_HOST. Some day I'll change all the user_t
comp references to 'host', but not today.

Reversed the order of the pwmod date and the password itself.
The number of chars of the user's password displayed depends on the
terminal width. e.g. on an 80 column terminal, 18 chars will be
displayed. If the user's password is longer than what can be displayed,
this is indicated with a trailing "..". Wider displays (e.g. 132 column)
can display all 40 chars of a user's password.

This fixes issue #442

When passwords aren't displayed (due to sysop configuration), show
"<hidden>" instead of "XXXXXXXX" to make that more clear.