- Joined
- Sep 8, 2014
- Messages
- 6
- Reaction score
- 6
We are experiencing some fun spam here and I am not sure there is much we can do about it, but wanted to maybe make a suggestion or see if anyone else has come across this and found a way to deal with it.
We have a client who had an employee with a 3CX mobile client installed on their cell phone. This employee was terminated from the company on bad grounds. To prevent the employee from utilizing the company's phone system via their phone app, we modified the username and password (then eventually deleted the extension) so their client would no longer connect.
However, in doing this we ran into our issue. By removing the credentials the 3cx client used to connect successfully, it is now failing to connect (yay, right?). This causes an abnormal about of spam email messages for registration failures, one ever 15 minutes or so. The real issue is, as that cell phone roams around the world, it is picking up different IP address everywhere it goes so it makes it near impossible to blacklist it. Also, because it is simply a failed registration 3CX does not apply the blacklist time (set to some 9000000 minutes or something) to it and apparently has a back-end timer of about 15 minutes that it applies.
So, on to the suggestion:
If a 3CX client, phone or desktop since 3CX has access to modify those and they are rather mobile, is banned for 15 minutes for registration failure, 3CX should send a message to that client to delete the provisioning. I am sure there is some reason it doesn't already do it, but I cannot think of one.
We have a client who had an employee with a 3CX mobile client installed on their cell phone. This employee was terminated from the company on bad grounds. To prevent the employee from utilizing the company's phone system via their phone app, we modified the username and password (then eventually deleted the extension) so their client would no longer connect.
However, in doing this we ran into our issue. By removing the credentials the 3cx client used to connect successfully, it is now failing to connect (yay, right?). This causes an abnormal about of spam email messages for registration failures, one ever 15 minutes or so. The real issue is, as that cell phone roams around the world, it is picking up different IP address everywhere it goes so it makes it near impossible to blacklist it. Also, because it is simply a failed registration 3CX does not apply the blacklist time (set to some 9000000 minutes or something) to it and apparently has a back-end timer of about 15 minutes that it applies.
So, on to the suggestion:
If a 3CX client, phone or desktop since 3CX has access to modify those and they are rather mobile, is banned for 15 minutes for registration failure, 3CX should send a message to that client to delete the provisioning. I am sure there is some reason it doesn't already do it, but I cannot think of one.