I looked at the description superficially, and I can not accurately describe, but:
Everything is based on asymmetric cryptography
1. Google (for example) considers the hash from the header (to, from, cc etc.) and / or the body of the letter.
2. Encrypts the hash with his private key, then sends the letter along with the encrypted key
3. The receiving party requests the public key from Google and decrypts the message, calculates the hash and compares it with what arrived from Google. If they match, then the verifier has a 99% guarantee that the letter came from Google. We will write off 1% that the private key can be stolen.
Why can't it be faked? This is guaranteed by the cryptographic strength of the algorithms used.
PS Do you read Navalny's letters? :)