[bradleyland]

There's a simple way around all of this, and it doesn't require a lot of in depth knowledge. Notice that DomainKeys says nothing about the content of the email. It's only a tool for preventing false relay (spam), not content forgery.

Let's say I email you with a simple question, you reply, and we trade emails three or four times. Gmail supports IMAP, which lets me move emails to and from my Gmail inbox without much trouble. So, all I need to do is move the mail to a server where I can alter the content (I can leave the headers intact), then copy the email back over to my Gmail inbox using an IMAP client.

I just did this using Mail.app on my Mac. It wasn't even all that time consuming. The hardest (maybe most time consuming) part would be getting a reply from Steve Jobs. I'm sure he doesn't reply to everyone.

The bottom line is that unless the mail was signed using something like PGP, it can be forged using trivial methods.