mail/mailman: 2.1.38 security fixing CSRF vuln
While here, fix pkg-message to mention -exim4 and -postfix
derived ports that override the default MTA.
Security: 0d6efbe3-52d9-11ec-9472-e3667ed6088e
Security: CVE-2021-44227
MFH: 2021Q4
(cherry picked from commit 87f0f372e4b844f16b8c6e7bd3bc68ecf703c17f)