Hi,
I’m currently implementing an Antispam system with FreePBX which basically should do (in more or less this order):
- Well-known numbers in a list should bypass all checks and directly be forwarded to the final destination
- Anonymous callers shall enter their number (Privacy feature)
- Number at this point is checked online for Spam with Superfecta → Special route in case of Spamscore
- Call will be routed to a virtual extension doing caller screening
- Screened call will be forwarded to the final destination
All this independently for three different incoming DIDs.
I’ve learned a lot about the capabilities of FreePBX in the last days and everything is working great - with the exeption of the bypass of well-known numbers. I’m really completely desperated with the allowlist module as in my opinion it has a wrong logic (or at least a wrong position in the call processing).
The allowlist processes well-known “friendly” numbers. In my understanding this should work by “extracting” these numbers in the module from further processing which means they can be immediately forwarded to the next destination (Dynamic routes, queue, ring group, extension etc.). There is no need that a well-known number does any further processing by the privacy feature or superfecta - the number is already approved by the fact it’s in the allowlist.
Unfortunately Allowlist exactly behaves the opposite. It extracts all unknown callers from the inbound processing, completely killing the ability to be further checked by privacy and superfecta. While well-known and approved numbers continue being processed by Privacy and Superfecta.
I’m sure there is a reason for this inverted logic, because @mitchmitchell must have had a reason to implement it like this … so I guess it’s me who does not understand why it was done this way. However, I don’t see a proper way to complete my project with this behavior.
Even the inverse logic would be something that can be dealt with - if the allowlist “order” would not be this extremely high in the call processing. I’m not sure if this can be influenced in FreePBX in any way, but allowlist unfortunately catches all the interesting “unknown” callers quite at the beginning of the process. It “steals” Privacy and Superfecta the ability to get their hands on the call.
Finally I still would really love a solution for this dilemma. I did not look that deep how modules are linked in FreePBX of if they are in a language which allows modification. Thinking about the ability of a “dirty hack” to work around this issue like:
- Maybe finding how to invert the logic in a way that allowed numbers take the exception route instead of non-allowed
- Maybe shifting the point where allowlist is processed in a route to a point behind the Privacy and Superfecta processing
Both would solve the issue, with the first one being be much more clear and elegant in my opinion.
Any other ideas how to make allowlist work with Privacy and Superfecta are highly welcome
PS: Privacy can be worked around by catching anonymous callers with a second inbound route and send them to an IVR with following voicemail box. Not that elegant, but at least a solution. But for Superfecta I don’t have a solution right now.