I’m looking into setting up a private relay server so that data doesn’t have to travel through third party relays even in tricky network situations.
After reading through the docs, the README and the man page I know that I can pass
strelaysrv to make it not announce itself.
Is there a way though to make the relay refuse clients? Despite not being announced, once the address is known (which can happen in various ways) it can be used as an attack vector against a system. Did I understand this correctly or actually there’s a way to restrict client access by pre-shared keys or private/public key auth?