And yet all of those examples go poof very, very easily, based on something that's not in your control. So yeah, I think they're nothing.
Let me give you a scenario to consider. At my old company, there was a mail server that would DKIM-sign everything that was passed through it. Anybody who wanted to on the internal network could write an email with tampered headers (say, backdated, or "From:" someone else) and send it through this server. This was acceptable because the SOLE PURPOSE of this signing was improving SMTP deliverability. It tells other mail servers "yes, this SMTP payload actually originated from this company. Please do not treat it as spam." So given one of these signed messages, what can you argue about the contents? Nothing, other than "these did not come from a random spammer posing as this company."
You run risks when you assume a signature means something that the signer does not actually intend it to mean.
Let me give you a scenario to consider. At my old company, there was a mail server that would DKIM-sign everything that was passed through it. Anybody who wanted to on the internal network could write an email with tampered headers (say, backdated, or "From:" someone else) and send it through this server. This was acceptable because the SOLE PURPOSE of this signing was improving SMTP deliverability. It tells other mail servers "yes, this SMTP payload actually originated from this company. Please do not treat it as spam." So given one of these signed messages, what can you argue about the contents? Nothing, other than "these did not come from a random spammer posing as this company."
You run risks when you assume a signature means something that the signer does not actually intend it to mean.