Okay... that clearly didn't work. As I expected, it requires me to do a proxy authorize before doing the check_from in order to get the credentials. The problem is, this is an open proxy, so I don't WANT people to have to authorize before calling through. I just want some way of making sure they ARE a valid user if they claim to be.
Am I going to have to do a search("^From:.*@my.domain.com")) and then proxy_authorise and check from... essentially only authenticating users who claim to be from my system?
I'll give it a shot. Seems kind of backward, though.
N.
On Mon, 10 Apr 2006 11:25:27 -0400, sip wrote
I was under the impression check_from gathered its data from credentials (requiring a proxy authorize)...
Still, though, documentation on it being what it is (i.e. a line saying simply "Check From username against URI table or digest credentials." ), how would I use it to check if a user isn't in the URI table but is pretending to be? Couch it in a Search?
Like:
if(search("^From:.*@my.domain.com")) { if(!check_from()) { error and exit }; };
?
N.
On Mon, 10 Apr 2006 16:40:58 +0200, samuel wrote
check_from() ? 2006/4/10, sip sip@arcdiv.com:
Is there a way anyone can readily think of to check to see if someone using our open proxy is calling through with a From header that attempts to
fool the
recipient into thinking the call is validly from one of our users?
Scenario is this...
While looking at the logs this morning, I noticed someone was calling a SIPPhone user through our proxy with a From: address that LOOKED like it
was a
user of ours, but using a username that doesn't actually exist.
I'm wondering if there's anyway to check if someone is calling through
us with
a From: address that looks like one of our users, but isn't.
N.
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers