[Serusers] What is the status of this open relay issue that Jan, Maxim, and Juha discuessed on 2003-10-23?
Klaus Darilion
klaus.mailinglists at pernau.at
Wed Jun 29 23:11:51 CEST 2005
Hi!
It is simple, it just depends on your routing logic:
use domain module and check out-of-dialog methodes:
if ( !is_uri_host_local()) {
if (is_from_local() {
t_relay;
break;
} else {
sl_send_reply("403", "Relaying not allowed");
}
}
cheers,
klaus
Java Rockx wrote:
> Hi All.
>
> This link is to a discussion on how to keep SER from being an open relay
> due to the following logic that most everyone uses in their ser.cfg files.
>
> if (uri!=myself) {
> t_relay();
> break;
> }
>
> http://lists.iptel.org/pipermail/serusers/2003-October/003264.html
>
> Some time has passed on this issue and the 2003 article described a few
> "in-progress" patches.
>
> Does anyone know if SER now has the ability to prevent malicious users
> from exploiting (uri!=myself) code blocks?
>
> Regards,
> Paul
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
More information about the sr-users
mailing list