If message contains the public key of SMTP (which could be made-up), the internet header and message is signed. If public key stated does not encrypt the message digest. This would mean it has been tampered/modified. If the public key stated is correct, when it verifies the message digest. The message digest will include the message and the internet headers. If this is successful, you certain trust the internet headers which can used to trace.