Dial Options T t security?

I understand what the T and t options are, but reading through the forum there is the occasional post that mentions one of these options should be removed, possibly for security reasons.

Is there ANYWAY that someone can call into the system (from outside the system), and then within the voicemail or auto-attendant they use the transfer codes (dtmf) and transfer themselves to another external number?

I would not think so, as that would be a major vulnerability, but like I said there are a few posts around here that are making reference to that.

It depends on the context in which the call is in, IMHO the T option is almost certainly insecure if your context is from-internal, from-digital, from-analog (from-dahdi), because it’s behavior is channel specific, three-way calling can ruin your whole day. :slight_smile:

Further, if you think about it, why would you need either, your internal phones probably have buttons to do that and why would you allow your external callers to do that in any case, that’s what IVR’s are better designed for.

Thank you for this information.

Yes, the internal phones have transfer buttons which I think are probably just shortcuts to ## or *2. So … you are saying that if I remove the transfer option from the asterisk dial options then I will still be able to use the transfer buttons on the phones? If so, that sounds like a great idea.

Yes, ## and 2 are “in-call” features defined in /etc/asterisk/features.conf files and outside of asterisk/FreePBX’s methods for safely doing the same function with better control.

Thanks dicko, I really appreciate your help!