On Tue, 2023-04-11 at 13:54 -0500, nix via agora-discussion wrote: > Your client itself will normally display the timestamp attached by the > sending machine. This is usually assumed to be honest, but could > actually be forged (to amusing results, such as pushing a new email way > back in your inbox because it reports and old date, I believe ais523 or > someone else actually did this for an email in the archives). The > archives also use this date I believe.
I've been known to forge email timestamps in the past, mostly just because it's another fun corner of the Agoran rules to mess around with. It is much harder nowadays than it used to be: the email system has a lot more anti-forgery protection in it than it used to (the idea being to make it hard for spammers to disguise where their messages are coming from, thus making the spam easier to block), so if you try to forge email timestamps the way I traditionally used to forge them, the computers along the way are actually somewhat likely to notice nowadays. It is, however, still possible. I could probably manage it if I really wanted to, but (assuming that I wanted the timestamp to be believable) the easiest way to get an email with a given timestamp on it would be to actually send it at that specific time. (With automation, it isn't too hard to send an email at a specific time, if you know in advance that you're going to have to.) The *really* fun variant, which AFAIK has never been tested at Agora, is to exploit the fact that the start of an email arrives before the end of the email does – if the email is being sent over a sufficiently slow connection, the end of the email can theoretically contain text that was chosen based on reacting to things that have happened since the email started to be received. In this case, I think the email servers along the way might nonetheless use the timestamp of when the email started to be sent, although I'm far from certain about this. (Some of the modern anti-forgery features stop this working, incidentally, because the proof that the email's body has not been modified during transit appears in the email headers, which appear before the body, so you have to have the whole thing written in advance in order to be able to come up with a header and body that match each other.) -- ais523
