cURL / Mailing Lists / curl-users / Single Mail


Re: curl: ftp anonymous password

From: <>
Date: Wed, 2 Jan 2002 13:40:20 +0000

On 2002-01-02 09:54:28 +0100, Daniel Stenberg wrote:
> On Thu, 27 Dec 2001 wrote:
> Thanks for mailing me regarding the FTP password curl uses.
> > I've seen you are sending "" as PASS in anonymous
> > ftp.
> Yes, unless you specify a password.
> > You should use "anonymous@" as newer ftp clients do.
> I don't think so. Some strict ftp server checks for something that looks like
> a valid email, and by not having anything on the right side of the @ letter
> it is not a valid email address.

Did you know that Internet Explorer 5.x and Netscape Communicator 4.x
the two most used browsers send "IEUser@" and "mozilla@" respectively ?

If an ftp server doesn't let anonymous ftp passwords with nothing at
right side of the @ letter their are cutting most ftp requests.

What about using as current mozilla does ?
using anonymous guarantees no SPAM, and no user-agent based
discrimination, and is a domain which is
guaranteed to never really exist as you can see in

> > Problems with your approach:
> > - Some stupid servers try to check that what goes after @ exists
> > and delay the login and could deny login if the hostname is not a DNS
> > valid one.
> is a valid domain. is a valid domain now, but not forever.

> > - Sending anything that's not anonymous@ as password is not
> > anonymous by definition
> Surely it is. It doesn't identify the user one bit, it identifies the
> user-agent only.

That can be used to discriminate based on user-agent and nobody likes

> > - Spyware is not a good idea, most users don't like it.
> I wouldn't go so far to actually call that spyware.

Yes, that's your point of view.

> > I send you the bugfix.
> I still don't like the absence of a right side of the @ letter...

Happy New Year !
Received on 2002-01-02