Scott Lawrence schrieb: > Whether or not to forward a SIP request that is not for your domain > depends on your deployment model and whether or not you want to support > end-to-end SIP calling. If you want to be able to support end-to-end > SIP, that implies that your users can use real SIP URLs as addresses (as > opposed to PSTN numbers as a user part with your domain). You could, of > course, limit such forwarding to clients that can authenticate as being > in your domain, but to just unconditionally reject them all because they > are not local deprives you of one of the real advantages of SIP: the > ability to reach the entire Internet.
Sorry, probably I was not clear enough: In my opinion a SIP proxy should forward only request if it either works on behalf of the caller or the caller: If [EMAIL PROTECTED] sends to Atlanta SIP proxy a request targeted to [EMAIL PROTECTED], then the Atlanta Proxy should forward it. If [EMAIL PROTECTED] sends to Biloxy SIP proxy a request targeted to [EMAIL PROTECTED], then the Biloxy Proxy should forward it. If [EMAIL PROTECTED] sends to Chicago SIP proxy a request targeted to [EMAIL PROTECTED], then the Chicago SIP Proxy should reject it. If Chicago SIP proxy would forward the request then it would be an open relay and can be abused for various kind of attacks. regards Klaus _______________________________________________ Sip-implementors mailing list Sip-implementors@lists.cs.columbia.edu https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
