Juha Heinanen wrote:
Bogdan-Andrei Iancu writes:
> I agree, but is not the case I was referring to. Imagine the following
> scenario: some user upload as contact or redirect/forward address an uri
> like "sip:[EMAIL PROTECTED]"; he can later switch the DNS entry of the
> domain "somedomain.com" to point to your GW IP.
>
> In [Open]SER, the DNS resolve is done when no more scripting is
> possible, so .... :)
this is not a problem, because resolving somedomain.com doesn't rewrite
r-uri, which thus arrives to your GW as sip:[EMAIL PROTECTED] if
your GWs name is not somedomain.com, the GW should reject the request.
That whould be the easiest solution, but:
- Does this work with Cisco GWs? AFAIK not.
- Also, often the GW is not under my control. Fixing the problem locally
is much easier than discussing the reason of such a GW configuration
with other "VoIP experts".
> again, agree; the question is where to keep the list: in core and the
> core should export fifo command for reload from file maybe (the core
> should not be DB dependent)?
if not, then i guess file is the only choice (which is not good).
I think the blacklist should use ser's DB API. Is it possible to
implement this as a separate module?
regards,
klaus
_______________________________________________
Users mailing list
[email protected]
http://openser.org/cgi-bin/mailman/listinfo/users
