Access control ???

Sam Leffler (sam@hyla.chez.sgi.com)
Thu, 28 Dec 1995 16:49:02 +0100
Messages sorted by:[ date ][ thread ][ subject ][ author ]
    To:  mgetty@muc.de
    Subject:  Access control ???
    Date: Wed, 27 Dec 1995 22:26:48 +0100
    From:  Tomas Dumcius <td@aiva.lt>

    Hello all,
    
    I was wondering has anyone heard of some sort of access control to using
    mgetty+sendfax? I want mgetty to recognize a caller after he/she types a
    sort of password and after that the destination where he/she wants the fax
    to go to.
    For example, they call my UNIX machine with an ordinary fax machine, mgetty
    answers their call and waits for identification and fax destination number.
    It might put read everything into one line, it doesn't really matter, 
simply
    I want mgetty to deny some callers and to KNOW where a legitimate caller
    wants to send his/her fax.

In general this is not possible because the current fax protocol does not
provide information of the sort you describe.  The transmitting fax machine
is required to send an identification string termed a TSI but this string may
be set to anything by the sender and so cannot be trusted as a legitimate
identification of who the sender is.  Regarding the "destination number",
I assume this is intended to be used in routing the inbound fax to a specific
person.  In fax protocol parlance this is termed a SubAddress.  Support for
sending this information was only recently added to the protocol spec and
I know of no fax machines that support it (and very few software packages
that send/receive it).

FWIW, HylaFAX has a couple of mechanisms for screening and routing inbound
fax.  There is a "TSI qualification" mechanism whereby inbound calls can be
accepted/rejected based on the received TSI.  As mentioned previously this
can be trivially fooled by the sender if they know a valid TSI to use. 
Similar to the TSI screening calls can be accepted/rejected based on Caller ID
information; this is more reliable but requires CID service and a modem that
can send CID information to the host.  Finally, in my current software (not
yet released) I've added support for the new protocol frames SUB, SEP, and PWD
that are used to pass SubAddress information, Selective Polling info (for
doing polled retrieval of one of possibly many files), and passwords.  These
protocol mods are however of limited use because they are only supported with
Class 1 modems and both sender and receiver must support them.  Oh, HylaFAX
also supports routing based on well-known TSI values; basically there is a
table of well-known TSIs that are used to automatically dispatch incoming
fax by email (works pretty well except for the need to manually administer
the table).

If you want to learn about HylaFAX functionality check out the documentation
at http://www.vix.com/hylafax/.

Bottom line is that if you are looking to screen regular fax machines with
existing technology you probably need Caller ID and some mechanism for
screening calls based on CID.  I don't recall if mgetty has this support
(if not it's easy to add).

        Sam