Turns out it's the -text
parameter. If you omit that, then openssl will treat whatever the heck you throw at it as the MIME email (which means you probably should put some headers on it).
So add the headers you want, for example:
CCDA_Inpatient.xml
Content-Type: text/xml
<?xml version="1.0"?>
<!-- the rest of the document here -->
And then sign it without -text
:
openssl smime -sign -in CCDA_Inpatient.xml -out signed.msg -signer my.crt -inkey my.key
And voila! Your headers will be your own.