I didn't read Kind 4 DMs spec, but normally in encryption:
- the sender encrypts with his private key
- and encrypts with the recipient pub key.
So the recipient:
1. decrypt with his private key
2. decrypt with the pubkey of the sender
So, if the recipient just does 1., he can share the message which is "signed"