In OpenPGP, data is encrypted with a symmetric key (typically a 256-bit AES key). This is the session key. The session key is in turn encrypted to your public key. That block (the session key encrypted to your public key) is included in the file.
"Encrypted session key is bad" means that there was an encrypted session key block in the data, and the encrypted session key was encrypted to the KeyID of your public key, but when the session key was decrypted using your private key, the result wasn't a valid session key for the encrypted data.
Why might you see this error? Some possibilities include:
- The data was corrupted somehow.
- There is a bug in the sending software, whereby the session key was encrypted to a key other than your encryption subkey but the encrypted session key packet listed your KeyID.
Something you could try is to download the sources to pgpdump (http://www.pgpdump.net/about.html) and dump out the file to see if all the packets parse properly. (You could also download a trial version of PGP Command Line and use "pgp --dump-packets [filename]".) You may also want to verify that the file you have is identical to what the sender created, by running a checksum (md5 or sha1 hash) of the file and comparing the values each of you get.
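As an added example (not part of the original text and not pgpdump's code), here is a minimal Python packet walker that does the same kind of check: it confirms every packet header and length parses, and reports which KeyID each encrypted session key packet names. It assumes binary (not ASCII-armored) input and RFC 4880 packet framing; the function names and the sample bytes are constructed for illustration.

```python
import struct

def _new_len(buf, i):
    """Decode one new-format length at buf[i] -> (length, next_index, is_partial)."""
    first = buf[i]
    if first < 192:
        return first, i + 1, False
    if first < 224:
        return ((first - 192) << 8) + buf[i + 1] + 192, i + 2, False
    if first == 255:
        return struct.unpack(">I", buf[i + 1:i + 5])[0], i + 5, False
    return 1 << (first & 0x1F), i + 1, True      # partial body length chunk

def parse_packets(buf):
    """Return [(tag, body)] for a binary OpenPGP message; ValueError if malformed."""
    packets, i = [], 0
    while i < len(buf):
        start, hdr = i, buf[i]
        if not hdr & 0x80:
            raise ValueError(f"offset {start}: not a packet header (bit 7 clear)")
        body, want, partial = b"", 0, True
        try:
            if hdr & 0x40:                       # new-format header
                tag, i = hdr & 0x3F, i + 1
                while partial:                   # follow partial chunks to the last one
                    n, i, partial = _new_len(buf, i)
                    body, want, i = body + buf[i:i + n], want + n, i + n
            else:                                # old-format header
                tag, size = (hdr >> 2) & 0x0F, 1 << (hdr & 0x03)
                if size == 8:                    # length type 3: body runs to end of input
                    n, i = len(buf) - i - 1, i + 1
                else:
                    n, i = int.from_bytes(buf[i + 1:i + 1 + size], "big"), i + 1 + size
                body, want, i = buf[i:i + n], n, i + n
        except (IndexError, struct.error):
            want = -1                            # length field itself ran off the end
        if len(body) != want or i > len(buf):
            raise ValueError(f"packet at offset {start} is truncated")
        packets.append((tag, body))
    return packets

def pkesk_key_ids(buf):
    """KeyIDs (hex) named by the version 3 encrypted session key packets (tag 1)."""
    return [body[1:9].hex().upper() for tag, body in parse_packets(buf)
            if tag == 1 and len(body) >= 10 and body[0] == 3]

# Constructed sample: one tag 1 packet (KeyID 0123456789ABCDEF, algorithm 1 = RSA)
# followed by one tag 18 (integrity-protected encrypted data) packet with dummy bytes.
SAMPLE = bytes.fromhex("840d" "03" "0123456789abcdef" "01" "0008ff" "d205" "01deadbeef")
```

If `parse_packets` raises on your file, the data was damaged in transit; if it parses cleanly and `pkesk_key_ids` lists your encryption subkey's KeyID yet decryption still fails, the sending software is the more likely cause.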