Re: [Serusers] Checking spoofed From headers

I was under the impression check_from gathered its data from credentials (requiring a proxy authorize)... Still, though, documentation on it being what it is (i.e. a line saying simply "Check From username against URI table or digest credentials." ), how would I use it to check if a user isn't in the URI table but is pretending to be? Couch it in a Search? Like: if(search("^From:.*@my.domain.com")) { if(!check_from()) { error and exit }; }; ? N. On Mon, 10 Apr 2006 16:40:58 +0200, samuel wrote > check_from() ? > 2006/4/10, sip <sip(a)arcdiv.com>om>: > > Is there a way anyone can readily think of to check to see if someone using > > our open proxy is calling through with a From header that attempts to

> > recipient into thinking the call is validly from one of our users? > > > > Scenario is this... > > > > While looking at the logs this morning, I noticed someone was calling a > > SIPPhone user through our proxy with a From: address that LOOKED like it

> > user of ours, but using a username that doesn't actually exist. > > > > I'm wondering if there's anyway to check if someone is calling through

_______________________________________________ Serusers mailing list serusers(a)lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers