Block specific inbound caller

Daniel Rau

unread,

Jan 19, 2021, 2:57:27 PM1/19/21

to sipxcom-users

There is a bot, or script, that is constantly dialing one of our DIDs. Is there any way to block this specific caller from dialing into our PBX? The only information I have is the phone number of the caller. No IP address for the caller.

The specific version of Sipxcom that we are running is: sipXcom (17.08.20170803044127 2017-08-03EDT04:08:30) with a private IP address behind a Fortigate firewall.

The DID that the caller is calling is configured as a hunt group which goes to a voice mail box after the caller listens to a recorded message.

Any help is greatly appreciated.

Thank you,

Dan

Nathaniel Watkins

unread,

Jan 19, 2021, 3:15:20 PM1/19/21

to Daniel Rau, sipxcom-users

We're doing some inbound filtering at our Patton gateway. I think that functionality would need to happen at your SBC.

--
You received this message because you are subscribed to the Google Groups "sipxcom-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sipxcom-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sipxcom-users/af4c0f31-8720-4228-bab7-2ac7c3d8db60n%40googlegroups.com.

Todd Hodgen

unread,

Jan 19, 2021, 3:23:22 PM1/19/21

to Daniel Rau, Nathaniel Watkins, sipxcom-users

How about the carrier? They may be able to block it!

sent using my two left twiddling thumbs

From: sipxco...@googlegroups.com <sipxco...@googlegroups.com> on behalf of Nathaniel Watkins <nathanie...@gmail.com>
Sent: Tuesday, January 19, 2021 12:15:08 PM
To: Daniel Rau <dan...@gmail.com>
Cc: sipxcom-users <sipxco...@googlegroups.com>
Subject: Re: [sipxcom-users] Block specific inbound caller

To view this discussion on the web visit https://groups.google.com/d/msgid/sipxcom-users/CAJEQSSYTOeAmx-HKUX97k-87PJ3-39vwC88YiC3k3fVXnbq0BQ%40mail.gmail.com.

Peter Krautle

unread,

Jan 19, 2021, 3:34:13 PM1/19/21

to Todd Hodgen, Daniel Rau, Nathaniel Watkins, sipxcom-users

Agree with Todd and Nathaniel – if your call is coming in through an SBC, dialplan adjustments can filter out rogue calls from specific DIDs. Carrier such as Voip.ms have options through their portal to block incoming calls from specific DIDs.

Peter

To view this discussion on the web visit https://groups.google.com/d/msgid/sipxcom-users/MWHPR07MB35200D8DC2045941CB97FC3AFDA30%40MWHPR07MB3520.namprd07.prod.outlook.com.

Daniel Rau

unread,

Jan 19, 2021, 3:52:30 PM1/19/21

to sipxcom-users

Nathaniel, Todd, and Peter. Thank you for your response. We aren't using an external SBC, just the built-in sipXbridge. We use a sip trunk gateway to our ITSP who told us that they cannot (will not?) block the caller at their end. The carrier suggested that I create an inbound route to send the caller to never-never land. They aren't familiar with sipxcom so can't offer any suggestions on how to do that or if it is even possible on the sipxcom.

Is there any more information that I can provide that would be helpful?

Nathaniel Watkins

unread,

Jan 19, 2021, 4:35:51 PM1/19/21

to Daniel Rau, sipxcom-users

I don’t believe there is a way to do source based routing natively - I think you’d have to put a third party SBC between the ITSP and sipxcom.

To view this discussion on the web visit https://groups.google.com/d/msgid/sipxcom-users/e07cc086-f7c3-4cc2-94be-d3e534ca2ad8n%40googlegroups.com.

Todd Hodgen

unread,

Jan 19, 2021, 6:25:19 PM1/19/21

to Peter Krautle, Daniel Rau, Nathaniel Watkins, sipxcom-users

Another thing to consider – place an Auto Attendant in front of it, that requires an option be selected prior to it going to the Hunt Group. I think eventually it will go away and you can remove the Hunt Group.

So one other thing I have done with some of these callers – I configure a phone on my system, and set my caller ID to their phone number. I call them several times and they magically remove my IP from their system. Calls stopped. Kept reaching a call center in India – and I would bug them a bit. Didn’t take long for them to pull my IP from their system.

To view this discussion on the web visit https://groups.google.com/d/msgid/sipxcom-users/9c1c3976237844f8b6a6959e6530b407%40LouisaVoice.com.

Matt Keys

unread,

Jan 20, 2021, 4:52:44 PM1/20/21

to sipxcom-users

A few suggestions..

1. You're running a old version. 20.08 has the apiban blacklist which may help, see http://wiki.sipxcom.org/display/sipXcom/sipXcom+20.08

2. "The only information I have is the phone number of the caller. No IP address for the caller. " -- You should have more than that if your proxy (or bridge) log is at INFO or DEBUG verbosity, or if you're running the packet capture service. Your firewall logs may also be useful.

3. "with a private IP address behind a Fortigate firewall" -- Are you just port forwarding from fortigate to sipxcom without any source address restrictions? If yes, add source address restrictions to those port forwards. You probably only need your ITSP to use them unless you have remote workers. If you have remote workers you can get a known range by having them use vpn, or (if your firewall supports it like pfsense does) have them use a dynamic dns service to get a known/expected fqdn.

4. Configure sensible INVITE, REGISTER, SUBSCRIBE rate limits and use the built in SIP DoS protection to block anything that goes over those limits.