I'd prefer a PGP signed message, but I know that
the people who use S/MIME would probably object.
It doesn't matter what the email is signed with I'd still go
to the site to confirm
It would be too easy to get many people to pull an entry from a filter
with a forged message and have the space used "improperly".
There's easier space to steal though they may like the challenge of
doing it in your face. Better to trust that Rob Thomas has done due
diligence than rely on email a virus may have generated (signed or not)
brandon