mta_sts: Switch to enforce mode and bump max_age to 30 days

Checking the SMTP TLS reports, the last failure was 2021-12-10/11 from
Mail.ru and 2021-08-28/29 from Google.

Bumping the max_age to 30 days as the RFC states: "To mitigate the risks
of attacks at policy refresh time, it is expected that this value
typically be in the range of weeks or greater."[1].

[1] https://datatracker.ietf.org/doc/html/rfc8461
2 jobs for master in 36 seconds (queued for 2 seconds)