Fix Level 2 validity for WKD keys

* src/mail.cpp (Mail::updateSigstate): Fix validity for signed
mails with keys from WKD.

The sig.summary is not valid in that case. But the verification
does not have an error. With the additional checks for Unknown
or Marginal validity and if we have a key with the user id
from WKD we can still make it level 2.

The old code was probably only tested with tofu+pgp trust
model.