  1. FreePBX
  2. FREEPBX-21968

Default no DID malfunction and security vulnerability

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Not an issue
    • Affects Version/s: 15.0.16.52
    • Fix Version/s: None
    • Component/s: Inbound Routes
    • Labels:
      None
    • ToDo:
    • Asterisk Version:
      13.18.3~dfsg-1ubuntu4
    • Distro Version:
      18.04
    • Distro:
      Self Install Ubuntu

      Description

      (Version is actually 15.0.16.75, but this isn't in the list)

      I have 2 VoIP providers which provide a DID to identify them on inbound routes. I therefore have a default inbound route set up where both CID and DID are left blank (meaning any or none) with a destination that terminates the call. Note that I have to have "Allow Anonymous Inbound SIP Calls" and "Allow SIP Guests" set to "Yes" to allow incoming calls from the VoIP providers.

      Where the incoming DID is set to something non-recognised, everything is working correctly. However, if there is no DID set, the call is being routed to one of the extensions specified for one of the VoIP providers. What's more, the CID the fraudster is using is blacklisted, but this blacklist entry is being ignored (whereas blacklist entries work OK when a DID is set). Even more worrying is that, although the call is treated as 'from-sip-external' it is treated as an internal call internally, and the fraudster is able to re-route the call to a premium overseas number. Whilst I have the 'T' option disabled, I have also had to disable the 't' option to prevent this, which means no-one can transfer calls any more.

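The route selection the report expects, as an added worked example: the blacklist is consulted before any route is chosen, a blank route field matches any or no value, and a call that arrives with no DID can only land on the blank catch-all. This is a constructed model written for this page, not FreePBX's or Asterisk's own code; the DIDs, the blacklisted CID and the extension names are made up.

```python
from dataclasses import dataclass

# Constructed model of inbound-route matching as the report describes it.
# An empty DID or CID on a route means "any or none".


@dataclass(frozen=True)
class Route:
    did: str          # "" = any/none
    cid: str          # "" = any/none
    destination: str  # where a matching call is sent


# Sample data (constructed): one route per provider plus the catch-all.
BLACKLIST = frozenset({"+15550100"})
ROUTES = (
    Route(did="4412345678", cid="", destination="ext-201"),  # provider A
    Route(did="4498765432", cid="", destination="ext-202"),  # provider B
    Route(did="", cid="", destination="terminate"),          # catch-all
)


def specificity(route: Route) -> int:
    """Routes with a DID beat routes with only a CID, which beat the catch-all."""
    return (route.did != "") * 2 + (route.cid != "")


def select_destination(did: str, cid: str, routes=ROUTES, blacklist=BLACKLIST) -> str:
    """Pick the destination for an inbound call, blacklist first."""
    # The blacklist applies whether or not the call carries a DID.
    if cid in blacklist:
        return "blacklisted"
    # Most specific route first; a blank route field matches anything,
    # but a route with a DID never matches a call that has no DID.
    for route in sorted(routes, key=specificity, reverse=True):
        if route.did not in ("", did):
            continue
        if route.cid not in ("", cid):
            continue
        return route.destination
    # No catch-all configured: drop the call rather than route it anywhere.
    return "terminate"
```

A call with an unrecognised or missing DID therefore reaches only the terminating catch-all, and a blacklisted CID is stopped before any route is examined.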
              People

              • Assignee:
                Unassigned
                Reporter:
                nhathaway Nigel Hathaway
              • Votes:
                0
              • Watchers:
                3