[Serusers] Avoiding caller ID spoofing....
sip
sip at arcdiv.com
Fri Oct 21 15:43:22 CEST 2005
I think I asked this question before, but I honestly can't remember (been one
of those weeks).
How can I avoid someone spoofing caller ID by just putting in fake info into
their Display Name field in their UA client? I'd like to be able to replace
the display name with one of my choosing (preferably based on some rules about
the caller's ID... i.e. if the caller is a user on our system, replace his/her
display name with the last name, first name from the DB subscriber info. If
the caller is from a different system, remove the display name completely and
just pass the sip info so that at least a valid identification is seen).
This involves the dreaded modification of the From: header (although it
shouldn't break RFC because it doesn't actually involve modifying the URI.
Is there a reasonable way to do this or does this call for some more module
hacking (maybe taking bits from the UAC module and rewriting it to accept an
avp or some such) ?
N.
More information about the sr-users
mailing list