Hi Devs, After some testing I found that the MSFT_ExchangeTransferHack authorization plugin fro sipxproxy is no longer needed with Exchange 2010. I.E. a REFER from Exchange no longer looks like it is transferring to a foreign domain. What this means is that the TransferControl plugin challenges the REFER from Exchange. Exchange does not handle the Proxy Authentication and the call is gracefully dropped by Exchange (jira XX-9704).
I've written a patch that reads in a couple of FQDNs from the /etc/sipxpbx/sipXproxy-config that the TransferControl plugin uses as a white list to not challenge the REFER. I tested this and it works in sipxecs 4.4 (it should be a pretty straight forward port to 4.6). I have a few questions. 1. What is the plan for settings that exist in the /etc/sipxpbx directory? Are any of these moving to mongo? 2. When an exchange voice mail server is set-up in the UI, where are the server ip/fqdn settings stored? Is it only in the mappingrules.xml? 3. I don't like the idea of white lists from a security perspective. But short of having MS Exchange respond to a Proxy Auth I don't see a way around this. A properly functioning firewall should prevent any spoofed REFERS. Any thoughts? Thanks, Kyle -- Kyle Haefner, M.S. Communication Systems Programmer Colorado State University Fort Collins, CO Phone: 970-491-1012 Email: [email protected] _______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev/
