From time to time, people ask me what the odd attachment is on the mail I send, and worry that I might have a virus. This attachment, which on Windows platforms is named with a ".dat" suffix, is in fact a digital signature, and you can use it to verify that the mail is indeed from me and not somebody pretending to be me.
Many mail readers now support the decoding of digital signatures, and there are several standards for this. The one I use is called PGP/MIME.
If you want, you can happily ignore the signature, but be aware that I can't vouch that the mail you receive is indeed from me. Alternatively, you can install PGP software for your email reader. The advantage of doing this is that then you can also sign your mail, so I have confidence a message is from you. You can also send encrypted mail, being sure that the person to whom you send the mail is the only person who can read it.
There is a handy page giving details of free PGP tools for most computer platforms on the MIT web site. The particular tool I use is called GnuPG.
If you use Linux, then you're probably able to figure this out for yourself! The mailers mutt, PINE, and evolution to name a few all have support for GPG (the GNU version of PGP)
So, presuming you've installed PGP software, how do you go about checking a mail is from me? The first thing you need to know is my "public key." You can download this from one of several key servers. Additionally, most PGP software has a facility that will go and download a key for you, if you give it the email address of a person.
It is not uncommon to find several keys for a person: people's keys sometimes expire or are revoked. You should ignore such keys, and only download ones that are active. For instance, look at this search for my key.
The first key in the list, whose ID is BAF50C04, has been
revoked. The second key, with ID BB9B8711, is active. You can
see a list of people who have signed my key. This is how you know
it's mine. If you trust those people, then you can trust me.
For convenience, here's the most recent version of my key. You can probably cut and paste it into your PGP tool. Windows users might want to save this file and rename it pubkey.asc, in order to make it easy for PGP tools to recognise it.
Unfortunately I don't have the time to give individual help with PGP, unless it's directly related to an email I sent you, but you will find these links of use:
Using PGP is definitely more effort than sending normal email, but it is worth it for the added security of confirming the identity of your correspondent, and having a securely encrypted communication channel.