The main weakness of the system is in the key security; you can't fully trust a key unless you have actually met the keyholder to get it and checked that you didn't meet an impostor. This is only really significant for spy-novel type situations, though, and doesn't materially weaken it as a defence against spammer-type bulk abuse.
Impostor? For a lot of people I recieve e-mail from I could care less about their real world identity. The signature tells me that the person sending an e-mail is the same person who has sent me other e-mails signed with the same signature. Don't discount the usefulness of this.
Description: PGP signature