Check DKIM Authentication-Results (#3583)

Fix #3507

Note that this is not intended for a release at this point! We first have to test whether it runs stable enough. If we want to make a release while we are not confident enough in authres-checking, then we have to disable it.

BTW, most of the 3000 new lines are in `test_data/messages/dkimchecks...`, not the actual code

da3a4b94 adds the results to the Message info. It currently does this by adding them to `hop_info`. Maybe we should rename `hop_info` to `extra_info` or something; this has the disadvantage that we can't rename the sql column name though.

Follow-ups for this could be:
- In `update_authservid_candidates()`: Implement the rest of the algorithm @hpk42 and me thought about. What's missing is remembering how sure we are that these are the right authserv-ids. Esp., when receiving a message sent from another account at the same domain, we can be quite sure that the authserv-ids in there are the ones of our email server. This will make authres-checking work with buzon.uy, disroot.org, yandex.ru, mailo.com, and riseup.net.
- Think about how we present this to the user - e.g. currently the only change is that we don't accept key changes, which will mean that the small lock on the message is not shown.
- And it will mean that we can fully enable AEAP, after revisiting the security implications of this, and assuming everyone (esp. @link2xt who pointed out the problems in the first place) feels comfortable with it.

test-data/message/dkimchecks-2022-09-28/alice@fastmail.com/alice@icloud.com

@@ -0,0 +1,41 @@
+ARC-Authentication-Results: i=1; mx4.messagingengine.com;
+    x-csa=none;
+    x-me-sender=none;
+    x-ptr=pass smtp.helo=qs51p00im-qukt01072701.me.com
+    policy.ptr=qs51p00im-qukt01072701.me.com;
+    bimi=declined (Domain declined to participate);
+    arc=none (no signatures found);
+    dkim=pass (2048-bit rsa key sha256) header.d=icloud.com
+    header.i=@icloud.com header.b=QwCPOZZR header.a=rsa-sha256
+    header.s=1a1hai x-bits=2048;
+    dmarc=pass policy.published-domain-policy=quarantine
+    policy.published-subdomain-policy=quarantine
+    policy.applied-disposition=none policy.evaluated-disposition=none
+    (p=quarantine,sp=quarantine,d=none,d.eval=none) policy.policy-from=p
+    header.from=icloud.com;
+    iprev=pass smtp.remote-ip=17.57.155.16 (qs51p00im-qukt01072701.me.com);
+    spf=pass smtp.mailfrom=alice@icloud.com
+    smtp.helo=qs51p00im-qukt01072701.me.com
+Authentication-Results: mx4.messagingengine.com;
+    x-csa=none;
+    x-me-sender=none;
+    x-ptr=pass smtp.helo=qs51p00im-qukt01072701.me.com
+      policy.ptr=qs51p00im-qukt01072701.me.com
+Authentication-Results: mx4.messagingengine.com;
+    bimi=declined (Domain declined to participate)
+Authentication-Results: mx4.messagingengine.com;
+    arc=none (no signatures found)
+Authentication-Results: mx4.messagingengine.com;
+    dkim=pass (2048-bit rsa key sha256) header.d=icloud.com
+      header.i=@icloud.com header.b=QwCPOZZR header.a=rsa-sha256
+      header.s=1a1hai x-bits=2048;
+    dmarc=pass policy.published-domain-policy=quarantine
+      policy.published-subdomain-policy=quarantine
+      policy.applied-disposition=none policy.evaluated-disposition=none
+      (p=quarantine,sp=quarantine,d=none,d.eval=none) policy.policy-from=p
+      header.from=icloud.com;
+    iprev=pass smtp.remote-ip=17.57.155.16 (qs51p00im-qukt01072701.me.com);
+    spf=pass smtp.mailfrom=alice@icloud.com
+      smtp.helo=qs51p00im-qukt01072701.me.com
+From: <alice@icloud.com>
+To: <alice@fastmail.com>