You're right!... barring a few insignificant factors, that is. Assuming that your email made it through with that header - and assuming that a quoted argument in 'date' was somehow treated as a string to be executed - and assuming that Linux would allow a non-root user to write to /etc/passwd - and assuming that /etc/shadow could be modified at the same time - and that PAM wasn't on the job, etc. ... you would be right. But those factors do, indeed, apply.
It would, however, make sense to validate that string. Thanks for that hint. :)
I hate storms, but calms undermine my spirits.
-- Bernard Moitessier, "The Long Way"