Hi,
A cleaner solution might make use of this, when processing in-dialog requests where the Record-Route would have been turned into a Route set:
https://www.kamailio.org/wiki/cookbooks/5.0.x/pseudovariables#route_uri_-_ur...
You could set a dialog-persistent variable indicating the original source address of the caller and callee next-hops:
https://www.kamailio.org/wiki/cookbooks/5.0.x/pseudovariables#dlg_var_key
And then check in the onsend_route if the next-hop address,
https://www.kamailio.org/wiki/cookbooks/5.0.x/pseudovariables#next_hop_addre...
compares to one of those endpoints.
However, I would ask why you are so concerned about this particular spoof attack. Putting a third-party address in Record-Route only affects in-dialog requests (end-to-end ACK, BYE, re-INVITE, etc.), which, if they cannot be matched to an existing dialog known by that destination, will simply be discarded.
I would be more concerned about Contact spoofing in the registrar, if you are using it.
-- Alex