All of these emails are from people in a closely related organisation, so I trust them. It's one of those commonplace organisational / IT snafus, where their IT group decide to faff about with their signatures, and not tell anyone else. Hooray for coordination.
The offending emails didn't open in the preview pane, I had to open a sub-window and choose 'View message', which is awkward.
From here, I found out the problem was that the signing was done ultimately from an unknown CA (they'd changed something...).
- by viewing the details of the message, and escalating the trust level, find the root (a whole lot of sub-windows are required for this...)
- save this certificate to disk somewhere
- open 'internet options' from control panel, and choose the 'content' tab
- choose the 'Certificates...' button in the middle Certificates section
- choose the 'Trusted Root Certification Authorities' tab
- choose 'Import...'
- browse to the cert file above, and choose it
- accept the rather odd warning
- close all windows
- close then open Outlook
- all messages appear as expected, but do have the signed 'rosetta' look about them