Incompatible changes
--------------------
- RFC 8301: RSA-SHA1 verification refused unconditionally;
  On-WeakAlgorithm controls milter disposition only (no accept path).
  RSA-SHA1 signing also disabled.
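
A pre-upgrade check for the RFC 8301 change above, added here as an example (not OpenDKIM code): it reads the a= tag of each DKIM-Signature header in a stored message and flags rsa-sha1 signatures, which will no longer verify. The names audit and parse_tag_list, the verdict strings and the sample message are constructed for this illustration.

```python
import email

# Constructed sample message (not real mail): one rsa-sha1, one rsa-sha256 signature.
SAMPLE = (
    b"DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/simple; d=example.com;\r\n"
    b"\ts=legacy; h=from:to:subject; bh=AAAA; b=BBBB\r\n"
    b"DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.net;\r\n"
    b"\ts=sel2024; h=from:to:subject; bh=CCCC; b=DDDD\r\n"
    b"From: alice@example.com\r\n"
    b"\r\n"
    b"body\r\n"
)

# a= values; compared case-sensitively, as RFC 6376 requires for tag values.
REFUSED = {"rsa-sha1"}                      # RFC 8301: must not sign or verify
CURRENT = {"rsa-sha256", "ed25519-sha256"}  # RFC 6376 / RFC 8463

def parse_tag_list(value):
    """Parse an RFC 6376 tag-list ("tag=value; tag=value") into a dict."""
    tags = {}
    for part in value.split(";"):
        name, sep, val = part.partition("=")
        if not sep:
            continue  # empty element, e.g. after a trailing ";"
        # Drop folding whitespace; it is not significant in the tags read here.
        tags[name.strip()] = "".join(val.split())
    return tags

def audit(raw_message):
    """Return (d, s, a, verdict) for every DKIM-Signature header, in order."""
    msg = email.message_from_bytes(raw_message)
    rows = []
    for header in msg.get_all("DKIM-Signature", []):
        tags = parse_tag_list(str(header))
        alg = tags.get("a")
        if alg is None:
            verdict = "malformed"  # a= is a required tag
        elif alg in REFUSED:
            verdict = "refused"
        elif alg in CURRENT:
            verdict = "ok"
        else:
            verdict = "unknown"
        rows.append((tags.get("d"), tags.get("s"), alg, verdict))
    return rows

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(row)
```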

New features
------------
- Add On-WeakAlgorithm config option for rsa-sha1 disposition
- Add CheckSigningTable config option and -g/-G command-line flags
- Add opendkim-genzone -s flag; zone output is now reproducible
- Accept optional fourth KeyTable field for signing algorithm
- systemd Type=notify readiness signalling and watchdog keep-alive
- systemd service hardening directives
- opendkim -V prints full build configuration
- DKIM_FEATURE_ED25519 capability flag; t-test204/205 multi-signing tests

Removals
--------
- Remove K&R __P() portability wrappers
- Remove smfi_insheader() compatibility stub for sendmail < 8.13.0
- Remove dead conf_singleauthres config field

Bug fixes (selected)
--------------------
- Fix dkim_sign() l= body-length tag emission
- Fix header field-body character validation tautology
- Fix assert crash in dkim_canon_selecthdrs
- Fix DKIM_SIG_CHECK operator precedence
- Fix odkim.del_header() instance selection
- Fix milter capabilities for FinalPolicyScript hooks
- Fix NoHeaderB suppression of A-R header.b
- Fix A-R authserv-id/job-id quoting (RFC 8601)
- Fix DNAME RR skipping in DKIM key and failure-report DNS lookups
- Fix libunbound /etc/resolv.conf loading
- Fix memory leaks and orphaned-list bug (issue #272)
- Fix endpwent() on early returns from key safety checks (issue #198)
- Fix stack overflow in miltertest on oversized REPLBODY
- Fix dkimf_lua_writer for Lua 5.5 end-of-dump
- (and ~30 further fixes; see RELEASE_NOTES)

Code quality
------------
- -Wconversion / -Wsign-conversion remediation complete across all targets

Build (optional developer tools)
---------------------------------
- OPENDKIM_ENABLE_STRICT_C for ISO C17 strict-conformance testing
- Valgrind Memcheck and Helgrind CTest targets
- MemorySanitizer (MSan) support in Sanitizers.cmake