Yes, you just replace that one. Alternatively, if you don't want to load the
domain module, you can try from_uri.
if (!uri == myself) {
if (from_uri == myself) {
t_relay();
break;
} else {
sl_send_reply("403", "Relaying not allowed");
}
}
Zeus
-----Original Message-----
From: serusers-bounces(a)lists.iptel.org On Behalf Of Java Rockx
Sent: Thursday, 30 June 2005 8:13 AM
To: Klaus Darilion
Cc: serusers
Subject: Re: [Serusers] What is the status of this open relay
issue that Jan,Maxim, and Juha discuessed on 2003-10-23?
Thanks Klaus.
Just to make sure I understand what you suggested, I should replace
if (uri!=myself) {
t_relay();
break;
}
with the code snippet you posted. Right?
Many Thanks,
Paul
On 6/29/05, Klaus Darilion <klaus.mailinglists(a)pernau.at> wrote:
Hi!
It is simple, it just depends on your routing logic:
use domain module and check out-of-dialog methodes:
if ( !is_uri_host_local()) {
if (is_from_local() {
t_relay;
break;
} else {
sl_send_reply("403", "Relaying not allowed");
}
}
cheers,
klaus
Java Rockx wrote:
Hi All.
This link is to a discussion on how to keep SER from
being an open relay
due to the following logic that most everyone
uses in
their ser.cfg files.
if (uri!=myself) {
t_relay();
break;
}
http://lists.iptel.org/pipermail/serusers/2003-October/003264.h
tml
<http://lists.iptel.org/pipermail/serusers/2003-October/003264.html>
Some time has passed on this issue and the 2003
article described a few
"in-progress" patches.
Does anyone know if SER now has the ability to
prevent malicious users
from exploiting (uri!=myself) code blocks?
Regards,
Paul
--------------------------------------------------------------
----------
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers