Log Message:
Update from 2.4.4 to 2.5.0.

This is a major release, adding a number of feature requests and making
some changes in line with recent changes to relevant IETF specifications.
In particular, one configuration file item has been renamed.  Please me
familiar with the changes as described below before upgrading.

The formal release notes entry:

2.5.0		2008/03/06
	Add "AutoRestartCount" and "AutoRestartRate" configuration
		parameters to limit runaway restart loops.
	Feature request #SF1735573: Add "AlwaysAddARHeader" option, which
		will add an Authentication-Results of "none" for unsigned
		messages from domains without a "strict" policy.
	Feature request #SF1807748: Reload the configuration file on
		receipt of SIGUSR1.  Requested by Florian Sager.
	Feature request #SF1811969: Add _FFR_BODYLENGTH_DB which adds a
		"BodyLengthDBFile" feature, allowing a per-recipient decision
		on whether or not to use an "l=" tag when signing.  Patch
		contributed by Daniel Black.
	Feature request #SF1841955: Add an "Include" facility to the
		configuration file.
	Feature request #SF1876941: Make the syslog facility selectable.
		Based on a patch from Jose-Marcio Martins da Cruz of Ecole
		des Mines de Paris.
	Feature request #SF1876943: Add _FFR_AUTHSERV_JOBID allowing the
		job ID to be included as part of the "authserv-id" in
		Authentication-Results: headers.  Based on a patch from
		Jose-Marcio Martins da Cruz of Ecole des Mines de Paris.
	Feature request #SF1890581: Attempt to clean up a UNIX domain
		socket in the non-AutoRestart case as well.  Requested
		by Daniel Black.
	Add "MilterDebug" configuration file option for requesting debugging
		output from the filter.
	Add "FixCRLF" configuration file option which activates the
		DKIM_LIBFLAGS_FIXCRLF flag (see below).
	Update to draft-ietf-dkim-ssp-03.  In doing so, rename the
		"UseSSPDeny" configuration option to "UseASPDiscard".
	Handle an error from dkim_getsighdr() properly in mlfi_eom().
	When VERIFY_DOMAINKEYS is active, don't short-circuit mlfi_eoh()
		between dk_verify() and dk_eoh() or a segmentation fault below
		dk_body() could result.
	LIBDKIM: Feature request #SF1823059: Export key, signature and
		policy syntax checking capability via the API.  Based on
		a patch from Chris Behrens of Concentric Network Corporation.
	LIBDKIM: Assert defaults for "c" and "q" tags when parsing
		signature headers.  Patch from Chris Behrens of Concentric
		Network Corporation.
	LIBDKIM: Better handling of truncated DNS replies; instead of
		just giving up if the "tc" (truncated) bit is set in the
		reply, see if there was enough of a reply returned to be able
		to complete the request.
	LIBDKIM: Fix recycling bug in header canonicalizations which was
		causing signatures other than the first one to fail in most
		cases.
	LIBDKIM: Add new dkim_chunk() interface.
	LIBDKIM: Enforce DKIM_OPTS_QUERYMETHOD library option even if there
		were no valid signatures.
	LIBDKIM: New DKIM_LIBFLAGS_FIXCRLF which requests that "naked"
		CRs and LFs be converted to CRLFs during canonicalization
		when signing.
	LIBDKIM: Fix bounds checking in dkim_canon_selecthdrs().
	LIBAR: Eliminate a possible race condition in ar_dispatcher().
	LIBAR: Timeouts passed to select() can't be bigger than 10^8.
		Problem noted by S. Moonesamy of Eland Systems.
	BUILD: Feature request #SF1876242: Install the filter in EBINDIR
		and everything else in UBINDIR.