Removing Mailbox And Password Prompt For Voicemail
Hello,
I am using Asterisk voicemail on a CentOS 7 server. I would like to be able to remove the ‘mailbox’ prompt and ‘password’ prompt when a user tries to access their voicemail. I can remove the ‘password’ prompt by not setting a password for the user, but the ‘mailbox’ prompt is always heard. Please let me know how Asterisk can be configured to remove these prompts.
Nabeel
27 thoughts on - Removing Mailbox And Password Prompt For Voicemail
I assume that you mean when they access it from their own phone.
Bad, bad idea. If you remove the password then anyone can get to the mailbox.
Define this local extension:
exten => *98,1,Verbose(0,${CHANNEL(peername)} calling voicemail)
same => n,VoicemailMain(${CHANNEL(peername)}@VoiceMail,s)
same => n,Hangup
If I remove the password, how can anyone access the mailbox if the
‘mailbox’ prompt is not played?
Nabeel
It sounds like you really want it to jump straight into one voicemail box with no auth, not just removing the prompts. Try something like this
exten => *85,1,VoicemailMain(100,s)
When you dial *85, you will get voicemail for mailbox 100, and no passcode prompt. Jumps straight into the menu “You have FOUR new messages…”
Depends on your use case, at home I have several phones and one mailbox. So I _want_ everyone to get to the mailbox with a minimum of effort.
Brian
Not playing the prompt changes nothing. If someone presses ‘*’ while listening to your answer message then they are in your mailbox. You better have a password that they need to enter to continue.
I tried your extension definition as suggested:
exten => *98,1,Verbose(0,${CHANNEL(peername)} calling voicemail)
same => n,VoicemailMain(${CHANNEL(peername)}@VoiceMail,s)
same => n,Hangup
But there was no change in the prompts asked, ie. the voice first asked for
‘mailbox’, and then ‘password’ as before. The prompts are not removed.
Please clarify what you mean by the following:
“If someone presses ‘*’ while listening to your answer message then they are in your mailbox.”
Do you mean while someone is listening to another user’s ‘unavailable message’ or ‘busy message’, if they press ‘*’ at that time they will enter the other person’s mailbox?
Nabeel
Depending on the version of Asterisk you are running, and assuming that your phones are SIP devices, you might want to try this (lots of debug at the top which could be removed):
exten => *98,1,NoOp(——- VOICEMAIL MENU ——-)
same => n,NoOp(CALLERID(num): ${CALLERID(num)})
same => n,NoOp(ip : ${SIPPEER(${CALLERID(num)},ip)})
same => n,NoOp(mailbox : ${SIPPEER(${CALLERID(num)},mailbox)})
same => n,set(DATETIME=${STRFTIME(${EPOCH},,%C%y-%m%d-%H%M)})
same => n,NoOp(DATETIME : ${DATETIME})
same => n,Answer same => n,Playback(silence/1)
;same => n,ExecIf($[“${CALLERID(num)}” “206”]?Set(VMBOX2):Set(VMBOX0))
same => n,Set(VMBOX=${SIPPEER(${CALLERID(num)},mailbox)})
same => n,VoicemailMain(${VMBOX},s)
same => n,Hangup
If you wish to override the default mailbox for a particular user, you can also uncomment the line above which in this example connects extension 206 to the voicemail box for extension 100.
;same => n,ExecIf($[“${CALLERID(num)}” “206”]?Set(VMBOX2):Set(VMBOX0))
But did you understand every line and what it was doing?
Too much information missing. Perhaps instead of asking how to implement the solution that you have already decided on you should instead tell us what problem you are trying to solve. Are you really trying to make your voicemail available to anyone who calls you or are you limiting it to just the registered phone? How are you accessing VM?
That’s exactly what I mean. That’s why you need to password protect it. The above recipe allows you to bypass the password prompt but only when called from the registered phone and only when “*98” is dialed from that phone.
I suspect that you need to read the documentation a lot more. VoIP/SIP
is complicated. I certainly don’t understand everything but I was able to craft the above extension by reading up on extensions as well as system variables.
They are quite self-explanatory, so of-course I understand them.
I am using ODBC realtime storage with Asterisk. Currently, with no password set, a user can dial the voicemail number to retrieve their own voicemail, without needing to enter a password (without hearing the password prompt). However, there is still a ‘mailbox’ prompt played, and if a different mailbox number is entered after this prompt, then a password can be entered
(if set) which intrudes into the other person’s mailbox. I want to remove this ‘mailbox’ prompt so that users won’t have this opportunity to access another person’s mailbox.
That’s exactly what I mean. That’s why you need to password protect
I am yet to test this behaviour in Asterisk during the Unavailable/Busy message. However, if this is the case, then this seems to be an illogical security hole in Asterisk’s design. Why does Asterisk allow accessing another person’s mailbox by pressing the ‘*’ key, while listening to *the other person’s* unavailable message?
Nabeel
So you can access your own voicemail remotely.
Steve
From their own phone or from any phone?
It’s not for accessing another person’s mailbox. It’s for accessing your own when you are away from home/office.
From their own phone. If calling from any other phone, the only difference
– for entering the same mailbox – is to enter the mailbox number immediately after the ‘mailbox’ prompt,
For my setup, the user only needs to access their mailbox from their registered device, not from any other phone. This is why I am trying to remove the ‘mailbox’ prompt altogether, because it is more efficient for users to skip that step if possible.
Nabeel
So… I think you’ve been given all of the necessary elements to a solution which will allow you to do this, while still maintaining adequate voicemail security.
(1) Set up an inbound voicemail mailbox (you’ve already done this).
(2) Set up a strong, non-guessable password on the mailbox. This
will allow you to access the mailbox remotely, if you wish
(by using the “* during the mailbox’s greeting” feature)
without allowing random callers to break into the mailbox.
(3) Set up a custom dialplan context for those phones that you
wish to give “password-less” access to the mailbox.
(4) In this context, add an extension which, when dialed, runs
the VoiceMailMain() application, specifying the correct
mailbox identifier for those phones, and including the “s”
option (which will bypass the password prompt).
(5) In sip.conf, place each of these phones into this custom
dialplan context.
(6) If desired, record a different voicemail greeting message
in place of the “Camedian mail”, convert to the correct
format, and place into your voice-prompts directory.
(7) Do a “dialplan reload” and “sip reload”.
Voila. You’re done. From any of these phones you’ll be able to dial the extension you added in step (4), and go right to the voicemail “You have NNN new messages” greeting and the menu. No password required.
You’ll also be able to access your voicemail remotely (and safely)
by dialing one of these extensions, waiting for the “Please leave a message” greeting, and hitting “*”, and then entering the password.
I have now tested the ‘Unavailable’ message by pressing “*” while listening to the recorded message. I can confirm that this does NOT directly enter to the called number’s mailbox. It actually enter’s the registered device’s/caller’s own mailbox. Therefore, this does not necessitate setting a password.
The problem is that the ‘mailbox’ prompt allows a way for accessing any other mailbox, which is not necessary in my case. If anyone knows a way to remove this ‘mailbox’ prompt, please let me know.
Nabeel
Not having followed the thread from the beginning I must admit, not sure if the ‘s’ flag has been suggested to you? What I have in my dial plan is
exten => 100,n,VoicemailMain(s${CALLERID(num)})
So callers can dial 100 from their phones and get immediately into their mailboxes without any sort of authentication.
This does have security concerns as anyone can walk up to anybody else’s phone and start dialling to listen to someone else’s messages. In my installation this is not a problem, but could be a problem elsewhere.
Apologies if the thread was about something entirely different and this was not the problem.
regards Adam
Let’s get this straight. You call yourself from any phone in the world and press ‘*’ while listening to the message, you wind up in your own mailbox and you believe that means that you don’t need a password? Do you think that the phone system somehow knows that it is you calling and not one of the other 7.4 billion people on the planet. The password is how it knows.
This seems to conflict with the first paragraph. Are you being asked for the mailbox number or the password? In a properly set up system, entering ‘*’ during the message should put you into the callee’s mailbox and ask for a password. Calling ‘*98’ from your own phone, if the extension I originally showed you exists, should put you directly into your own mailbox without asking for a password.
I think that it is well past the time to tell us what your setup is and exactly what you are trying to accomplish. I think that you may be making the common error of telling us your solution (remove mailbox prompt) rather than your actual problem.
You seem to misunderstand even after I have explained. I don’t need a password when calling my mailbox from my own registered phone (not calling from any other phone). I don’t need to call my mailbox from other phones on the planet, so I don’t need a password. Consider the voicemail you get from your mobile network on your mobile phone. You don’t access it from any phone in the world; you only access it from the mobile phone which has your SIM, and you probably don’t enter a password for it.
The password is only asked if a password has been set. A password is also asked if any number is entered after the ‘mailbox’ prompt.
Nabeel
To get rid of the “Mailbox?” prompt, you need to supply a mailbox as a parameter to the VoicemailMain() command:
exten => xxxx,y,VoicemailMail(${mbox})
This takes you straight to the mailbox specified by ${mbox} . If mailboxes are simply the same as extension numbers, then you can just use ${CALLERID(num)}
here. Otherwise, you may need a script to look them up in a database.
If you also add the “s” option, like this:
exten => xxxx,y,,VoicemailMail(${mbox},s)
Then this will also get rid of the “Password?” prompt (and therefore presume you are already authenticated). Therefore, this should *only* be used in one of the following situations:
(1) In a small, intimate business environment, where there is full mutual trust between all personnel and nobody has any secrets from anybody else.
(2) Where sufficient precautions have been taken to ensure that phones are physically secure against unwanted access.
The latter is the approach usually taken by telcos with their basic voicemail configuration; your messages can only be retrieved from your own phone, which normally is either behind a locked door (if it is a land line) or about your person (if it is a mobile).
For instance, you might have something like this in your Dialplan.
“get_mailbox.agi” is an AGI script (not included) for looking up the mailbox associated with a caller’s number and populating a channel variable “mbox”, or leaving it empty in the event of an error. “ajs-vm_not_avail.wav” is a sound file (also not included) announcing that voicemail is not available.
exten => 1571,1,AGI(get_mailbox.agi,${CALLERID(num)})
exten => 1571,n,GotoIf($[${mbox}]?mbox_ok:mbox_err)
exten => 1571,n(mbox_ok),VoicemailMain(${mbox}, s)
exten => 1571,n,Hangup()
exten => 1571,n(mbox_ng),Playback(ajs-vm_not_avail)
exten => 1571,n,Hangup()
I should add, a password is *always* asked if a password has been set. There isn’t a way to bypass that.
And the extension I suggested in answer to your original question will do that for you. Are you saying that pressing “*98” from your phone requests a password?
You need a password to protect your mailbox from people entering ‘*’
during your message. The extension I gave you bypasses the password when you call from your own phone.
Yes but if someone accesses it from another phone it damn well better ask for a password before serving up my messages.
From outside phones. What happens when you dial “*98” from your own phone.
Excuse my formatting here, this is my first contribution to the list. I
believe I understand what you are trying to accomplish. In my dial plans I
have extension 87 setup to go to a peers voicemail box directly without need for a password. The App/Appdata I call is as shown below. Hope this helps!
VoicemailMain(${SIPPEER(${CHANNEL(peername)}:mailbox)},s)
Robert Berlin Manager of Operations & Systems Development Florida High Speed Internet
(321) 205-1100
————————————–
That’s why I suggested this extension at the start of this thread.
exten => *98,1,Verbose(0,${CHANNEL(peername)} calling voicemail)
same => n,VoicemailMain(${CHANNEL(peername)}@VoiceMail,s)
same => n,Hangup
Then something is wrong.
http://darcy.vex.net/star98.mp3
A password prompt is avoidable with a “,s” in the VoicemailMain appdata
Robert Berlin Manager of Operations & Systems Development Florida High Speed Internet
(321) 205-1100 x109
————————————–
Perhaps you should read the whole thread before replying. Variations of your suggestions have been made a number of times. Also, please watch the attributions. I am not the one trying to make this work.
I get password prompt if a password is set, and no password prompt if no password is set.
I wonder if the difference could be due to different Asterisk versions or the use of ODBC storage. For me, no password is asked only if I don’t set a password. In other cases, it does. But i’ll keep testing.
Hi Could please show us your dialplan as you have it now and the lines in the log on that call it would probably help a lot more
בתאריך 4 באוג׳ 2016 5:00 PM, “Nabeel” כתב: