Voicemail - Cell/Mobile transferring option

[MitelAvaya]

Really random one that's got me stumped!!
On our 3300 UR9, embedded advanced VM, a couple of users put someone's extension in as their cell numbers in their voicemail.

So when people called them and they didn't answer, pressing 3 would get them to that persons cell, that was actually someone's extension.

I'm now getting reports from this poor user receiving calls from people trying to reach other users by their cell, that it's not just 2 people, its more like 20+!

Is there any way to get into the voicemail and see what alternative numbers people have setup?

Also, I believe this may be a potential attack on our system, I've changed the 9999 maibox passcode, but is there anyway poeple could hack the VM?

 

[IrwinMFletcher]

Any reason why they use 3 and not the default 2?

You can't see through any forms that I know of, but SMDR should tell you who is calling.

Any chance that it's not at the transfer that's wrong? i.e it may be that everyone else is also using that person's mailbox.

 

[kwbMitel]

With that many instances I think you may have misintepreted something.

I'm going to assume this issue is associated with a known issue of ports not disconnecting and instead calling an internal number (Typically Zero).

The best fix for the above problem is to disable the COS option Multiline Offhook Dialing for the VM ports.

Additionally you can disable the message notification option that defaults to "Around the Clock"

The above options are good to implement regardless of my initial assumptions.

*******************************************************
Occam's Razor - All things being equal, the simplest solution is the right one.

 

[RossBC]

we had a site that was calling a certain number that they wanted stopped. SMDR showed it was voicemail that was calling it and we assumed it was personal contacts.In desparation, I did a diagnostic package, unzipped it and looked through all the files for that number. there was one file in the voicemail section that was mostly unprintable characters (was mostly gibberish when opened in notepad), but when I searched for that number it found it and next to it was the mailbox number. It didn't say which of the 9 digits it was connected to, but I did find the mailbox. turns out it was a spare phone that had an un-enrolled mailbox. some outside caller had found it and enrolled it and used it for his own purposes.
It was a couple of years ago, before we could force the smdr to show the mailbox that made the call via the account code field.
I don't remember which file it was, but if you open enough of them with notepad and do a search for your destination, you will find it, assuming that the diagnostic package hasn't changed too much since then.

 

[bobcheese]

If you think the vmail may have been or may be hacked you need to change ALL passwords for mailbox 9999 there are 2 or 3 depending on your controller age and SW version. Also mailbox 0 and any other single digit mailboxes that are programmed. Also make sure the COR of the vmail ports is locked down

As far as finding out personal contact details, checking SMDR is my only idea.

As KWBMitel touches on if the number being dialled by vmail is 0, there was a bug in R7 that caused vmail to give message waiting call to 0 everytime a message was left in corrupted mailboxes. This was fixed in later versions but only if a 'full install' was performed.

 

[MitelAvaya]

Thanks for the responses guys.

IrwinMFletcher - Apologies, my fat fingers should read 2. Also, to add to the confusion, the extn that is receiving the cell calls is on another cluster. So the 3300 where the calls originate are on another controller and go across the IP trunks to the other 3300.

kwbMitel - COS for the ports has that option disabled already. I haven't changed the Around the clock option as yet as I'd have to change every user.

RossBC - you mention diagnostic package, I've not seen this tool before, can you post where it is available to download or is it on MOL?

bobcheese - I've changed the passcode for all single digit extensions - was previously setup as a MLAA. VM COR is locked down as per the manual. The controller is on 9.0.1.18 and is around 3 years old. I'm pretty desperate to upgrade all our controllers to MCD 4, I've got a million and 1 bugs I'm hoping it will cure a few and add some more interesting ones!


As for the SMDR, found this excert and seems that 9999 is transferring to a VM port(3709) thing is, my admin mailbox is 999, if I try to enter in 9999 it seems to assume its a 3 digit site so won't allow me to enter the fourth 9.


3300 ICP 18:13:02 2/18/2010 00:00:10 3709 3709 39937419 A X9999 X 189 13709 Y0016801 A 1 02/18 10:13:02 0000:00:10 3709 3709 39937419 ASX9999 X 189 001 13709 Y0016801 A

 

[kwbMitel]

In your SMDR strings:

X9999 = trunk number.

3709 (first instance)= Calling Party

3709 39937419 = Digits dialed over Network where 3709 = initial digits 39937419 = subsequent digits that I would interpret as ext 7419 on system with CEID-3993

189 is a third party extension that answered the call after the call was transfered

The spacing is wonky so I can't help much further than that.


*******************************************************
Occam's Razor - All things being equal, the simplest solution is the right one.

 

[RossBC]

sorry, was not on my work computer when I posted so did not have ready access to help files. What I was referring to was the diagnostic zipped file that Mitel tech support request when they want to look at the logs.

In ESM,
Select Maintenance and Diagnostics from the Selection drop-down list.

Click System Diagnostics Reporting.

Select the Download the files to my computer.

Click Send System Diagnostics Report.