Remove alert type in ossec email subject line

[emkll]

Status

Ready for review

Description of Changes

Fixes #3882 .

Setting maild.full_subject=1 for ossec >= 3.0.0 will ensure alert does not appear in the email subject line (and thus unencrypted as it is sent to the admin).

Setting it in local_internal_options will ensure that it is not squashed by changes in internal_options that is shipped as part of the ossec-server package.

It appears the logic was inverted in 3.0.0 (via ossec/ossec-hids@f4cf191)

Thanks @zenmonkeykstop for finding the bug and pointing me towards the maild.full_subject configuration option!

Testing

make build-debs and install securedrop-ossec-server-3.0.0+0.10.0(~rcX).deb produced by this branch.
Observe the emails do not contain the alert type in subject line.

Deployment

Upgrades and new installs will be ensured by securedrop-ossec-server deb package.

Checklist

If you made changes to the system configuration:

• Configuration tests pass

If you made non-trivial code changes:

• I have written a test plan and validated it for this PR

[zenmonkeykstop]

Tested as described, built debs and installed on Mac Mini mon server.

Installed paxtest on app server via dpkg to trigger OSSEC, got email with subject and body:
OSSEC Notification - (app) - Alert level 7

OSSEC HIDS Notification.
2018 Oct 18 15:49:24

Received From: (app) 10.20.2.2->/var/log/dpkg.log
Rule: 2902 fired (level 7) -> "New dpkg (Debian Package) installed."
Portion of the log(s):

2018-10-18 15:49:24 status installed paxtest:amd64 1:0.9.11-2



 --END OF NOTIFICATION



OSSEC HIDS Notification.
2018 Oct 18 15:49:26

Received From: (app) 10.20.2.2->/var/log/dpkg.log
Rule: 2902 fired (level 7) -> "New dpkg (Debian Package) installed."
Portion of the log(s):

2018-10-18 15:49:25 status installed man-db:amd64 2.6.7.1-1ubuntu1



 --END OF NOTIFICATION

This matches previous behaviour, so QA looks good.