A client of ours operates a call center and reported toll fraud on a specific ring group. The ring group in question utilizes an external DID in the call list. The default Outbound Trunk Dial Options appear to include T which is allowing the caller to initiate an outbound call via the transfer option *2.
Calling this an “exploit” is up for question, however if I am correct that this is a default dial option that can be utilized in this use case, then I’d argue the ring group configuration should include an option to override the default Outbound Trunk Dial Options.
I was able to see the DTMF by using the following command
grep “DTMF begin” /var/log/asterisk/full | grep “received on SIP/Trunk-Name” | awk ‘{print $7}’ | sed s/'//g | sed ‘:a;N;$!ba;s/\n//g’
Regards,
Chris
Chris Miller
President - Rocket Scientist
ScratchSpace Inc.
(831) 621-7928
Yes, it is. Calls hitting the Inbound Routes have a variable called DIRECTION set with a setting of INBOUND. If that setting exists, dial options are modified. Specifically if you set “Disallow Transfers Features for Inbound Callers” to Yes. It will remove the transfer abilities of the call.
So all calls that come in and hit Inbound Routes get this flag which keep the call marked as an “external” call through out the flow of the call in the system.