If it doesn't care whether the email address is valid, why does it insist
that the invalid email address be in the format of an email address? The
problem is not that it insists on a valid email address, but that it
appears to do so. This lack of clarity serves no recognizable purpose.
Folks, this is just a standard feature of anonymous FTP servers. The
authentication parser does a regexp check for
string(_at_)string[(_dot_)string]n as a sort
of half-witted attempt to weed out the complete lusers. You can take issue
with
the algorithm if you want, but it certainly doesn't qualify as an invasion of
privacy.
RGF
Robert G. Ferrell, CISSP
Information Security Officer
National Business Center, US DoI
Robert_G_Ferrell(_at_)nbc(_dot_)gov
------------------------------------------------------------
Nothing I have ever said should be construed as even vaguely
representing an official statement by the NBC or DoI.
------------------------------------------------------------