How is there not an "SSL padlock" type feature in email clients based on, say, the DKIM signature?<p>Sure it won't tell you that the actual person sent it, just that it came from a particular server. But it's nearly impossible at that point to even pretend to be anything@whitehouse.gov if you're missing the DKIM sig.