You're going to have to derive a canonical form of the message so that you have something to sha1 that won't change as it traverses the network. Not hard, just need a definition. Something that includes the important headers (From:, Sender:, Reply-to:) and the body would be enough. You might want to worry about making cr-lf == lf.

Then you need a way to add the signature. I'm happy with an S/MIME attachment but some people here hate S/MIME.

Then you need a database of shared keys. If it were public key encryption, you could put the public half on a shared server but since these are secrets, we have to keep them to ourselves somewhere.

Finally, you need a way to introduce yourself to someone and give them a token. This is always the hard part. PGP sort of solves it with trusted places to leave the public key and by passing notes that are fingerprints of the public keys. Of course, the easier you make this, the easier it is for the spammers to insert themselves.

Anyways, by the time you're done, you've defined PGP. Why not use PGP? If you're trying to be simple, you don't need their encryption (which hardly anyone uses anyways) or their complicated rules for trust relationships. Then you have exactly what you're asking for and you stay compatible with some part of the world.
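One way to pin down the canonical form and shared-key signature the post sketches, as an added Python example (not the poster's code): it signs From/Sender/Reply-To plus the body, folds CR-LF and header folding to a fixed form, and uses HMAC-SHA1 as the keyed construction. The header set, the key and the sample messages are this example's assumptions.

```python
import hmac
import hashlib

# Headers the post calls important; the exact set is this example's assumption.
SIGNED_HEADERS = ("from", "sender", "reply-to")


def canonicalize(raw_message: str) -> bytes:
    """Canonical form: signed headers (lower-cased names, whitespace collapsed),
    a blank line, then the body with CR-LF folded to LF and trailing newlines trimmed."""
    text = raw_message.replace("\r\n", "\n").replace("\r", "\n")
    head, _, body = text.partition("\n\n")
    headers = {}
    last = None
    for line in head.split("\n"):
        if line[:1] in (" ", "\t") and last is not None:
            headers[last] += " " + line.strip()   # unfold RFC 5322 continuation lines
        elif ":" in line:
            name, value = line.split(":", 1)
            last = name.strip().lower()
            headers[last] = value.strip()         # last occurrence of a name wins
    canon = [f"{n}:{' '.join(headers[n].split())}" for n in SIGNED_HEADERS if n in headers]
    canon += ["", body.rstrip("\n") + "\n"]
    return "\n".join(canon).encode("utf-8")


def sign(raw_message: str, shared_key: bytes) -> str:
    """HMAC-SHA1 over the canonical form (HMAC is the keyed construction assumed here
    for 'sha1 with a shared key'). Hex so it can ride in a header or attachment."""
    return hmac.new(shared_key, canonicalize(raw_message), hashlib.sha1).hexdigest()


def verify(raw_message: str, shared_key: bytes, signature_hex: str) -> bool:
    """Constant-time compare so verification timing leaks nothing about the MAC."""
    return hmac.compare_digest(sign(raw_message, shared_key), signature_hex)


# Constructed samples: the message as sent (LF), the same message after a relay
# rewrote it with CR-LF and re-folded Reply-To, and a copy with an altered body.
SENT = ("From: alice@example.org\nSender: alice@example.org\n"
        "Reply-To: alice@example.org\nSubject: hi\n\nLet's meet at noon.\n")
RELAYED = ("From: alice@example.org\r\nSender: alice@example.org\r\n"
           "Reply-To:\r\n    alice@example.org\r\nSubject: hi\r\n\r\nLet's meet at noon.\r\n")
TAMPERED = SENT.replace("noon", "midnight")
KEY = b"constructed-shared-secret"   # would come from the per-correspondent key database

if __name__ == "__main__":
    sig = sign(SENT, KEY)
    print(sig, verify(RELAYED, KEY, sig), verify(TAMPERED, KEY, sig))
```

Subject is deliberately outside the signed set, matching the post's minimal header list, so a relay that rewrites it does not invalidate the signature.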