Regarding the "the sender" thing -- see my update above; sorry I was busy editing my comment before you posted this.
Regarding the secure message digest: if that's your claim, maybe clarify that "[DKIM-]signed messages are tamper-proof"? Because not all email messages are signed. Also, I think you can still upload messages with broken signatures (not sure?) in most mailboxes, and the user won't necessarily know either (who verifies DKIM signatures manually?)... but I'd have to double-check this.
Yeah, probably true - I did mention our non-standard DIGEST.SHA1 (I'd like to change that algorithm at some point, though the risks are kind of overblown, particularly since we inject some randomness in the SESSIONID field that's part of the Received header added on every delivery).
That said, if you tried to claim that a message was from somebody and used a tampered version, then checking the DKIM signature is something I expect would be done as part of the forensic analysis, as would checking the mail server logs. At least on our servers, you'd be able to tell from the logs that the digest changed when the new copy was uploaded - assuming you claimed something about downloading it and moving it to a new folder with your client.
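The offline half of the DKIM check discussed in this thread, as an added example that is not from either commenter: it recomputes the body hash and compares it with the `bh=` tag of the message's DKIM-Signature header. It assumes relaxed body canonicalization, SHA-256 and no `l=` tag, and it does not verify the `b=` signature itself (that needs the signer's public key from DNS); the function names and the sample message are constructed for illustration.

```python
import base64
import hashlib
import re

def relaxed_body(body: bytes) -> bytes:
    """RFC 6376 'relaxed' body canonicalization."""
    lines = [re.sub(rb"[ \t]+", b" ", l).rstrip(b" ") for l in body.split(b"\r\n")]
    while lines and lines[-1] == b"":      # drop empty lines at the end
        lines.pop()
    return b"".join(l + b"\r\n" for l in lines)

def body_hash(body: bytes) -> str:
    return base64.b64encode(hashlib.sha256(relaxed_body(body)).digest()).decode()

def bh_status(raw: bytes) -> str:
    """Return 'unsigned', 'match' or 'mismatch' for a raw RFC 5322 message."""
    head, _, body = raw.partition(b"\r\n\r\n")
    unfolded = re.sub(rb"\r\n[ \t]+", b" ", head)   # undo header folding
    for line in unfolded.split(b"\r\n"):
        name, _, value = line.partition(b":")
        if name.strip().lower() != b"dkim-signature":
            continue
        tags = {}
        for part in value.split(b";"):
            key, _, val = part.partition(b"=")
            tags[key.strip()] = re.sub(rb"\s+", b"", val)
        claimed = tags.get(b"bh", b"").decode()
        return "match" if claimed == body_hash(body) else "mismatch"
    return "unsigned"       # no DKIM-Signature header at all

# Constructed sample: the bh= value is computed from `signed_body`,
# while `actual_body` is what ends up stored in the mailbox.
# The b= value is a placeholder and is never checked here.
def make_message(signed_body: bytes, actual_body: bytes) -> bytes:
    return (b"From: alice@example.com\r\n"
            b"DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com;\r\n"
            b" s=sel; h=from; bh=" + body_hash(signed_body).encode() +
            b"; b=PLACEHOLDER\r\n"
            b"\r\n" + actual_body)

BODY = b"Meeting moved to 3pm.\r\n"

if __name__ == "__main__":
    print(bh_status(make_message(BODY, BODY)))
    print(bh_status(make_message(BODY, b"Meeting moved to 5pm.\r\n")))
    print(bh_status(b"From: a@example.com\r\n\r\nhi\r\n"))
```

A "match" here only means the body is consistent with the `bh=` tag; the header signature still has to be verified before the message can be treated as intact.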