Dismiss Notice
We would like to remind you that we’re updating our login process for all 3CX forums whereby you will be able to login with the same credentials you use for the Partner or Customer Portal. Click here to read more.

Avoid voicemail attendant using caller ID?

Discussion in '3CX Phone System - General' started by stevemayman, Jan 6, 2014.

Thread Status:
Not open for further replies.
  1. stevemayman

    Joined:
    Sep 27, 2013
    Messages:
    8
    Likes Received:
    0
    I have a DID set up that immediately connects to voicemail on 99. It then asks for extension and PIN. Can I have it connect me to a specific extension based on caller ID and either skip the PIN or provide that too? I am PIN free from my extension within the office so I had hoped that would work from outside the office as well.

    Thanks!
     
  2. lneblett

    lneblett Well-Known Member

    Joined:
    Sep 7, 2010
    Messages:
    2,086
    Likes Received:
    65
    Yes, you can set a callerID mask to direct you to a specific extension just as you have done for VM. However, there is no way that I am aware to by-pass the PIN for externally retrieved VM.

    The PIN is a security measure. From an internal source, the system can validate the extension number from which the call is made to the VM box. So, if extension 100 is dialing VM the system will connect to the VM for extension 100 and play back the VM without the need for a PIN (provided it is set-up to avoid the need for a PIN).

    If from the outside, there really is no such way to validate that the number or callerID is indeed the extension owner and presumably there may be other occasions where more than one callerID mask is directed to only one extension, so which then is the owner?
     
  3. stevemayman

    Joined:
    Sep 27, 2013
    Messages:
    8
    Likes Received:
    0
    Thanks Ineblett. I am new to 3cx and experimented with CallerID masks but couldn't get it to work. How would I set up to forward to a particular extensions "listen to voicemail" essentially at the point it asks for your PIN?

    Regarding why voicemail PINs are mandatory; this logic seems to be built on the assumption that voicemail should be private. While this is undoubtedly true in many situations it is certainly not true in all. Why not have the option to disable PINs for voicemail? I realize that you are not advocating mandatory PINs Ineblett, just explaining and this comment was not directed at you! More a feature request for 3cx...

    Thanks!
     
  4. leejor

    leejor Well-Known Member

    Joined:
    Jan 22, 2008
    Messages:
    11,113
    Likes Received:
    329
    There may be some recent changes to this that I am unaware of, but in the past, the PIN option for voicemail was a system wide on/off feature configured in the advanced settings. I'm not sure that this could be done on an individual basis. I have an IVR set-up specifically to pick up VM for one extension. I don't use it on a regular basis and will have to check tonight on exactly how I set it up.
     
  5. lneblett

    lneblett Well-Known Member

    Joined:
    Sep 7, 2010
    Messages:
    2,086
    Likes Received:
    65
    I am of the opinion that you can establish the global option for PIN usage thru the use of the custom parameters, or you can select for each extension which came as a new feature in V11 (I do not recall it in V10, but possibly it was there).

    In any event, the issue about the PIN is really, as you indicated, a security concern. As I indicated, you can disable the PIN and it will not be requested, but only on those occasions when the extension and VM box match; i.e.; when extension 100 accesses its own VM box. If you access VM from outside, the PIN does indeed become a requirement.

    Keep in mind that not only is there the concern about the contents of the VM box itself, but that one of the other features is the dial-thru capability where you can dial into the system remotely, access your VM and then, if needed, effectively dial out from there - provided that this option is also enabled. There may also be the concern that the options menu comes into play and that there is then risk about how others might elect to "play" around and possibly do some things that you might not otherwise want.

    To me it is no big deal as you can set the PIN to be a single digit if desired, so I don't find it too obtrusive. I just know how many times I see the systems attacked via the internet and I have no idea if the same might hold true from folks getting into a digital receptionist and pushing buttons just to see what happens.
     
  6. leejor

    leejor Well-Known Member

    Joined:
    Jan 22, 2008
    Messages:
    11,113
    Likes Received:
    329
    This is what I ended up doing, it's not going to apply in most cases as it is (for me) just for a single mailbox access. You might be able to use some parts to create something that works for you.

    Because there is no way to cut through, to check messages, when you are listening to the outgoing message, as you can with a standard answering machine, I did this as a work-around...

    While listening to outgoing message, Star out to operator extension. Operator extension is forwarded to a digital receptionist. DR has all key inputs set to "end call", but has timeout set to 1 second, and connect to extension 999 (voicemail).

    Of course, this all relies on getting to a mailbox to begin with, and, the operator extension not being used for the operator function. You may be able to incorporate caller ID based routing on the initial call depending on your trunking set-up.
     
  7. stevemayman

    Joined:
    Sep 27, 2013
    Messages:
    8
    Likes Received:
    0
    That is a good point about security. I had disabled the outbound calling from voicemail feature and even tested it, but you are probably right that hackers might have some other way to exploit it. We have disabled calling to anywhere but the US & Canada too, but I'm sure we are never totally safe!
     
  8. jasit

    jasit New Member

    Joined:
    Feb 12, 2013
    Messages:
    172
    Likes Received:
    1
    maybe I missed this in the thread, but why don't you just use the voicemail to email? I am assuming that you have a smart phone, so you don't have to dial into the system at all.


    jasit
     
  9. SY

    SY Well-Known Member
    3CX Support

    Joined:
    Jan 26, 2007
    Messages:
    1,825
    Likes Received:
    2
    Just a small comment about security and "Caller ID" which is provided by external systems:
    Caller ID information, which is delivered from an external system, simply shows how the caller wants to introduce himself. Therefore, this information cannot be used as an authentication information and can not be accepted as an identifier of the real user of PBX... and it is just because some "callers" may have a "desire" to introduce himself as a user of PBX...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. stevemayman

    Joined:
    Sep 27, 2013
    Messages:
    8
    Likes Received:
    0
    This is a great idea! I set up an alias to forward voicemail to both my PC (where I want it all stored as a paper trail) and my phone where I will have immediate access to it. Also, I don't have to check in only to find that there are no new messages. Great suggestion! I feel stupid for not having sorted that one out on my own...

    Now eventually I may dip my toe into 3cx for the iPhone and try putting that on the same extension as my work phone and see if that has any benefit, but that is another thread entirely. Call this one solved!
     
  11. stevemayman

    Joined:
    Sep 27, 2013
    Messages:
    8
    Likes Received:
    0
    Thanks for the comment, and I understand that this method is not secure, but again your comments are assuming that security is desirable. My point is that this is not always the case and with 3cx we are stuck with security whether we want it or not. I understand the desire to protect people from themselves, but I often wish that disabling the security that someone else thinks you should have was an option...
     
  12. SY

    SY Well-Known Member
    3CX Support

    Joined:
    Jan 26, 2007
    Messages:
    1,825
    Likes Received:
    2
    I perfectly understand your point.
    It never was a "desire". Definitely, many people can protect themselves, but it does not mean that a "piece of software" may allow itself to generate unnecessary "dangerous conditions" even for such sort of people.
    My comment was about a "false sensation" that the "Caller ID" information is enough to by-pass the authentication procedure.
    Could you please describe the environment where the "option to identify user by 'who knows how it was calculated' Caller ID'" will be useful?
    Thanks
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. leejor

    leejor Well-Known Member

    Joined:
    Jan 22, 2008
    Messages:
    11,113
    Likes Received:
    329
    I've always believed that caller ID screening in conjunction with PIN access, is best. While Caller ID can be spoofed, it weeds out any incorrect numbers and allows the correct CID onto the next step of having to enter a PIN.

    While more and more people are able to spoof CID, it still requires the knowledge of which number to spoof, and only as a first step to access.

    Think of it in terms of the lock on your door in combination with an alarm system. Someone might have a copy of your key, but do they have the code to disarm the alarm?

    If someone is determined enough to get into your system, with enough time and resources, they probably will.

    In many cases breaches of security happen with the help of "inside" information.
     
  14. SY

    SY Well-Known Member
    3CX Support

    Joined:
    Jan 26, 2007
    Messages:
    1,825
    Likes Received:
    2
    leejor,

    The problem is that "Caller ID" is rather the public information than something what "someone" should try to guess... :(
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Thread Status:
Not open for further replies.