A company can widely publish their Ethereum address, but this still requires some sort of key/address distribution mechanism. It could be as simple as posting their address on a well-known website such as the company's own site. The company could then sign the e-mail with the Ethereum address' private key without using the blockchain. All of this has been possible pre-blockchain using something like PGP/GPG.
Alternately, the company could push a hash of the message and a salted hash of the recipient's e-mail address (to make it harder to harvest e-mail addresses) onto the blockchain to make the e-mail non-repudiable (AKA "No takebacksies"). So if you receive a legal contract, for example, the sender can't later deny sending the message -- at least before a certain time.
This is all subject to the regular caveats for this sort of thing. For example, a company can try to deny future messages it sent by deliberately leaking its private key. Or phishers can publish similar-looking names to the well-known entity. And this brings you back to the need to purchase digital signatures from a trusted source or use the free service letsencrypt.org (free plug)!
To reduce spam, one could go back to a precursor to Bitcoin and use something like Hashcash. Or, with blockchain technology and a token that is actually worth money, one could reject all e-mails unless a token transfer is included with the message. If it's spam, you keep the token. If it's ham, you can opt to refund the sender the amount AND add them to a whitelist in the blockchain so that they don't need to include a token the next time around. Or even more complicated schemes.
