Please note that 'verify' here means 3 different things:
you can verify if the email was modified after being signed
you can verify if the signing certificate is valid (not expired)
you can check if you trust the signing certificate to belong to the declared sender
One or more of the above checks can fail, while the others apply.
When you open an email that was digitally signed, DeskNow will display a message stating that the email was digitally signed. You can view details of the signature by clicking on the link next to the message ('View details').
When you view the signature details, the window will show if the above 3 checks are verified or not.
DeskNow will trust a certificate only in one of the following two cases:
1. the certificate used to sign the message is associated to a contact in your Contacts folder (or subfolders, including shared folders), where the email address of the contact corresponds to that of the certificate
or
2. the certificate is itself signed by a "signing certificate" that is trusted by your domain administrator. Signing certificates are typically used by public certification authorities (like Verisign, Thawte, etc) to sign Personal Identitity certificates that certifies that the certificate belongs to the named person.
If the digital certificate of an email that you received is not trusted, you can:
1. open the certificate details, call the sender over the phone, and verify that the certificate that you have really corresponds to his certificate. You can do so by comparing the thumbprint field. Once this is verified, click on the Trust button. DeskNow will then associate the certificate to every contact that has the associated email address
or
2. ask your domain administrator to trust the signing certificate that was used to sign the sender's certificate (if one was used). DeskNow already knows and trusts the signing certificates of all the most common certification authorities.