[asterisk-users] Am I cracked?

Luca Bertoncello lucabert at lucabert.de
Mon Jun 8 15:24:33 CDT 2015


Kevin Larsen <kevin.larsen at pioneerballoon.com> schrieb:

> Make sure you have solved the problem. You don't want to get hit with a 
> phone bill for calls from your location to Israel. Basically, they are 
> hoping that you are running the equivalent of a mail server open relay. 
> They are trying to use you to dial out to another number. You don't want 
> to pay for these calls.

Of course, but how can I test, if I am an "open relay"?

> The calls are being dumped into your default context. It's not matching on 
> your gotoif statements, so finally it is trying to execute this:
> Dial("SIP/192.168.20.120-0000002a", "SIP/pbxluca/000972592603325,,R") in 
> new stack
> 
> Not sure what trunk pbxluca is, but if that is an outbound trunk, then 
> this is very bad. The only reason it would fail then is if they have the 

This is one of my outbound trunk...

> outbound dial pattern wrong, which is a sure sign that you are open in the 
> future to having someone make this kind of call in a way that does work 
> and leaves you on the hook. Based on your email address, I am guessing you 
> are in Germany. Looks like they almost have the correct outbound pattern 
> for dialing from Germany to Israel. It should be 00972592603325 (notice 
> the one less zero in the front). Please tell me that pbxluca is not an 
> outbound dialing context? If it is, you need to fix this very quickly.

How can I fix it? Of course, I need to be able to call any phone on this
world...
On a Mail-Server I'd restrict outgoing calls to authenticated users. I was
sure, that Asterisk already do that, but I'm not sure anymore...
How can I restrict it?

Thanks
Luca Bertoncello
(lucabert at lucabert.de)



More information about the asterisk-users mailing list