2004 has a great article on how to set up crypto for Mac Mail, without any plugins, self-signed certificates or even command line configuration!
Here's all you need to do to sign messages:
1. Create a certificate through [Thawte](http://www.thawte.com)'s free web of trust.
2. Download that certificate into Mac OS X's keychain.
3. Click the new 'signature' box that shows up in your compose message window!

And to encrypt messages:
1. Receive a signed message from a friend who used the steps above.
2. Mac OS X's keychain will automatically import that friend's public key.
3. Click the 'encrypt' box that shows up in your compose message window when your friend is the recipient!

Now some caveats that I faced:
- [Gmail](http://www.gmail.com)'s SMTP server replaces your regular email address with your Gmail address. So if your signature is for `you@yourdomain.com`, your messages will still come from `you@gmail.com`. This ruins crypto and your signature will no longer match.
- [Doteasy](http://www.doteasy.com) appends a stupid ad on all messages forwarded from their servers to other servers. This also ruins crypto and your signature will no longer match.
- [Gmail](http://www.gmail.com) silently discards any email where the signature doesn't match. This means you have to make quite sure your signatures are working perfectly before you start using them.

Moral of the story here is that it is very bad to fuck with the content of a signed or encrypted message.
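
A self-test for the two transit problems in the caveats above, as an added example that is not from the original post: send yourself a signed message, save the sent and received copies, and compare them. The function names and the sample messages are constructed for illustration, and the script only compares the signed part and the From address; it does not verify the cryptographic signature itself.

```python
import hashlib
from email import message_from_bytes
from email.utils import parseaddr

def signed_part(raw: bytes) -> bytes:
    """Return the first body part of a multipart/signed message: the bytes the signature covers."""
    msg = message_from_bytes(raw)
    if msg.get_content_type() != "multipart/signed":
        raise ValueError("not a multipart/signed message")
    delim = b"\r\n--" + msg.get_boundary().encode("ascii")
    # Compare in canonical CRLF form so harmless line-ending rewrites are ignored.
    canon = raw.replace(b"\r\n", b"\n").replace(b"\n", b"\r\n")
    # pieces[1] is "<CRLF><first part>"; the CRLF before the next delimiter is not part of it.
    return canon.split(delim)[1].split(b"\r\n", 1)[1]

def transit_problems(sent: bytes, received: bytes, cert_email: str) -> list:
    """List the changes between the sent and received copies that would break the signature."""
    problems = []
    from_addr = parseaddr(message_from_bytes(received)["From"])[1]
    if from_addr.lower() != cert_email.lower():
        problems.append(f"From is {from_addr} but the certificate is for {cert_email}")
    before = hashlib.sha256(signed_part(sent)).hexdigest()
    after = hashlib.sha256(signed_part(received)).hexdigest()
    if before != after:
        problems.append("signed body part changed in transit")
    return problems

# Constructed sample message (signature blob replaced by a placeholder).
SENT = (
    b"From: You <you@yourdomain.com>\r\n"
    b"To: friend@example.org\r\n"
    b"Subject: test\r\n"
    b"MIME-Version: 1.0\r\n"
    b'Content-Type: multipart/signed; protocol="application/pkcs7-signature";'
    b' micalg=sha1; boundary="b1"\r\n'
    b"\r\n"
    b"--b1\r\n"
    b"Content-Type: text/plain\r\n"
    b"\r\n"
    b"Hello, this is signed.\r\n"
    b"--b1\r\n"
    b"Content-Type: application/pkcs7-signature; name=smime.p7s\r\n"
    b"\r\n"
    b"(signature blob omitted)\r\n"
    b"--b1--\r\n"
)
# Constructed copies: a relay that rewrites From, and a forwarder that appends an ad.
REWRITTEN = SENT.replace(b"you@yourdomain.com", b"you@gmail.com")
WITH_AD = SENT.replace(b"signed.\r\n", b"signed.\r\nSent via example hosting\r\n")
```

An empty list from `transit_problems` means neither the sender address nor the signed part was altered on the way.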