Remove voicemail * option for all users

jhelou · February 1, 2018, 4:31pm

Hi all, i am trying to find out where the * option for retrieving voicemail remotely is stored in the system. I need to disable it for all since most users keep a very simple pass not aware of the security breach this can cause. tried looking in the database and the file system with no luck. Anyone knows where it is stored? is there a way to disable it by default to everyone without the ability to override?

Thank you

jhelou · February 1, 2018, 6:36pm

Just to say that i didn’t throw the towel too fast, i narrowed it down to a change that must be made in the macro-vm context. I copied the context to extensions_custom and modified it to remove the lines that process the * to adef but still it * asks the caller for the password…

dicko · February 1, 2018, 6:49pm

That’s a little tricky, the “*” transfers the call to the “a” extension of the current context which is {macro-vm] which effectively then transfers to the adef extension, which is :-

exten => adef,1,VoiceMailMain(${MEXTEN}@${VMCONTEXT})
exten => adef,n,GotoIf($["${RETVM}" = "RETURN"]?exit-RETURN,1)
exten => adef,n,Hangup

One recourse might be to copy the whole [macro-vm] into

/etc/asterisk/extensions_override_freepbx.conf

and replace the adef exten with either a simple

exten => adef,1,Hangup

or better a more complex extension that might verify the real intention of the user with another password or some such.

Personally I would enforce a better password policy as the * exit concept is very useful. From

http://www.asteriskdocs.org/en/3rd_Edition/asterisk-book-html-chunk/Voicemail_id263499.html

you will see an options for

minpassword
externpasscheck

which will help you enforce non-lazy behavior.

jhelou · February 1, 2018, 6:56pm

i had changed the line

exten => a,n,GotoIf($[“${DB_EXISTS(AMPUSER/${MEXTEN}/vmx/${MODE}/*/ext)}” = “0”]?adef,1)

to

exten => a,n,GotoIf($[“${DB_EXISTS(AMPUSER/${MEXTEN}/vmx/${MODE}/*/ext)}” = “0”]?exit-FAILED,1)

but i was doing it in extensions_custom.conf i was under the impression that custom takes precedence over additional… thanks for the tip! adding it to extensions_override_freepbx.conf did the trick. kudos dicko!

dicko · February 1, 2018, 6:59pm

From the granddaddy /etc/asterisk/extensions.conf the preferences are defined as:-

.
.
#include extensions_override_freepbx.conf
#include extensions_additional.conf
#include extensions_custom.conf
.
.
.

I would also point out that adef can also be reached through VMX.

tm1000 · February 1, 2018, 9:43pm

Or don’t do it the hacky way. Go to feature code admin and disable the feature code.

dicko · February 1, 2018, 9:53pm

I don’t believe this is pertinent to a feature code, it is actually in app_voicemail.c which intercepts “*” (and similarly “0” if the operator exit is defined) and goes to the “a” extension when * is pressed (“o” if 0 is pressed) this only while the greeting is being played.

The feature code “*” just sends you directly to the following {EXTEN} voicemail context, however the “a” extension is still there waiting to intercept a * whenever and however you get to voicemailmain().

JM2CWAE

(edit: I could have been more precise as to how voicemail() and voicemailmain() are arrived at by the various timing of pressing “*” but I hope you get my point, it’s all in the [macro-vm] context )

system · February 8, 2018, 9:53pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.