virtual pbx

[EvolutionElectronics]

Damn the torpedoes!!

Went ahead and put Amanda's GV number into the PBX... confirmed that she wasn't using that account for Gmail, and that she had logged out of GV from her phone. So far it's working just fine, inbound and outbound. Installing the IncrediFax module now... will have to give that an inbound number later on. Looks like all I have to do now is port the main business # over to GV and plug that one into the PBX, then I'm good as gold!

from what i read on GV's page you cannot port landline numbers if thats what you have

 

[SAG]

1. Email notifications
PIAF is supposed to send email notifications of voicemails, incoming faxes, etc. to the email address I've defined in the configuration. What I'm not able to figure out though, is how to configure PIAF to be able to actually send mail outside of the PBX itself. I've done plenty of Googling and everything I've found has proven to be pretty confusing. Basically, as I understand it, I need to have sendmail forward outbound emails to my email host... I'm just not sure how or where to do that. I'm kinda tempted to call up my old Linux instructor on this one, LOL.

Sendmail is installed and for all intents and purposes is a full fledged mail server. The problem you are likely having is that your ISP blocks port 25 preventing you from running a public SMTP server. An easy fix is to setup a remailer account with Gmail and reconfigure sendmail to use Gmail as a smarthost. I had actually planned on doing a writeup on that.

2. Inbound faxing on any line.
The NerdVittles guide I used to setup my Incredible FAX server says that PIAF should be able to identify and receive faxes on any inbound line thereby eliminating the need for a dedicated fax line. Apparently there's a bit of setup involved there, because everytime I tested it, the faxes failed. So far I'm only able to get inbound faxing to work if I dedicate an inbound route to the fax.

Fax detection works flawlessly if you have analog lines and an FXO card.
Using the Ti83-IAXMODEM-HylaFax setup, I'm not even sure it is possible. And if it is, I can't see it working out all that great. Since a GV trunk is free, no harm is using one dedicated for faxing.

Give me some time and I'll have some copypasta instructions for reconfiguring sendmail for you. It's actually pretty easy if you know how to do it - and with copypasta, it's easy if you don't know what you are doing.

 

[SAG]

FreePBX - Configure sendmail to use Gmail as a smarthost (relay)

So if you are using one of the FreePBX distros (pbxinaflash, trixbox, etc) and are using residential broadband that blocks your ability to run your own mailserver you can configure sendmail on the PBX to relay through google's gmail... here's how.

Please read this entire post before starting.

Make sure you have a gmail account to use (obviously) or create a new one just to be your mail relay. For my example, let's assume I have SAG-relay@gmail.com as my gmail relay address.

Now, ssh into your PBX.
Edit (create) the file /etc/mail/auth/client-info.
For me, vi is my editor of choice.

$ cd /etc/mail/auth/
$ vi client-info

Add the following two lines to the newly created file.

AuthInfo:smtp.gmail.com "U:smmsp" "I:SAG-relay@gmail.com" "P:My_Secret_Password" "MLAIN"
AuthInfo:smtp.gmail.com:587 "U:smmsp" "I:SAG-relay@gmail.com" "P:My_Secret_Password" "MLAIN"

Replace SAG-relay and My_Secret_Password with your email address and password.
Save the file.

Now we turn the text file into something usable for sendmail and make sure the proper permissions are set.

$ makemap -r hash client-info.db < client-info
$ chmod 0600 client-info client-info.db

Next we need to make a change to the sendmail configuration.

$ cd /etc/mail
$ vi sendmail.mc

The following is the code we need added to sendmail's configuration file.

define(`SMART_HOST', `smtp.gmail.com')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl
define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl
define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl
define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl
define(`confSERVER_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl
define(`confCLIENT_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl
define(`confCLIENT_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl

Finally we recompile the sendmail configuration file and restart the sendmail daemon

$ m4 sendmail.mc > sendmail.cf
$ service sendmail restart

And you can test it out real quick with

$ echo "this is a test" | mail you@your-email-address.com

Of course, use your email address.

For reference, here is a fully working sendmail.cf for a PBX In A Flash install

divert(-1)dnl
dnl #
dnl # This is the sendmail macro config file for m4. If you make changes to
dnl # /etc/mail/sendmail.mc, you will need to regenerate the
dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is
dnl # installed and then performing a
dnl #
dnl # /etc/mail/make
dnl #
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`setup for linux')dnl
OSTYPE(`linux')dnl
dnl #
dnl # Do not advertize sendmail version.
dnl #
dnl define(`confSMTP_LOGIN_MSG', `$j Sendmail; $b')dnl
dnl #
dnl # default logging level is 9, you might want to set it higher to
dnl # debug the configuration
dnl #
dnl define(`confLOG_LEVEL', `9')dnl
dnl #
dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
dnl #
define(`SMART_HOST', `smtp.gmail.com')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl
define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl
define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl
define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl
define(`confSERVER_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl
define(`confCLIENT_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl
define(`confCLIENT_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl
dnl #
dnl #
define(`confDEF_USER_ID', ``8:12'')dnl
dnl define(`confAUTO_REBUILD')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST', `True')dnl
define(`confDONT_PROBE_INTERFACES', `True')dnl
define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/var/log/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
dnl #
dnl # The following allows relaying if the user authenticates, and disallows
dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
dnl #
dnl define(`confAUTH_OPTIONS', `A p')dnl
dnl #
dnl # PLAIN is the preferred plaintext authentication method and used by
dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
dnl # use LOGIN. Other mechanisms should be used if the connection is not
dnl # guaranteed secure.
dnl # Please remember that saslauthd needs to be running for AUTH.
dnl #
dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl #
dnl # Rudimentary information on creating certificates for sendmail TLS:
dnl # cd /etc/pki/tls/certs; make sendmail.pem
dnl # Complete usage:
dnl # make -C /etc/pki/tls/certs usage
dnl #
dnl define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl
dnl define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl
dnl define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl
dnl define(`confSERVER_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl
dnl #
dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's
dnl # slapd, which requires the file to be readble by group ldap
dnl #
dnl define(`confDONT_BLAME_SENDMAIL', `groupreadablekeyfile')dnl
dnl #
dnl define(`confTO_QUEUEWARN', `4h')dnl
dnl define(`confTO_QUEUERETURN', `5d')dnl
dnl define(`confQUEUE_LA', `12')dnl
dnl define(`confREFUSE_LA', `18')dnl
define(`confTO_IDENT', `0')dnl
dnl FEATURE(delay_checks)dnl
FEATURE(`no_default_msa', `dnl')dnl
FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
dnl #
dnl # The following limits the number of processes sendmail can fork to accept
dnl # incoming messages or process its message queues to 20.) sendmail refuses
dnl # to accept connections once it has reached its quota of child processes.
dnl #
dnl define(`confMAX_DAEMON_CHILDREN', `20')dnl
dnl #
dnl # Limits the number of new connections per second. This caps the overhead
dnl # incurred due to forking new sendmail processes. May be useful against
dnl # DoS attacks or barrages of spam. (As mentioned below, a per-IP address
dnl # limit would be useful but is not available as an option at this writing.)
dnl #
dnl define(`confCONNECTION_RATE_THROTTLE', `3')dnl
dnl #
dnl # The -t option will retry delivery if e.g. the user runs over his quota.
dnl #
FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
dnl #
dnl # For using Cyrus-IMAPd as POP3/IMAP server through LMTP delivery uncomment
dnl # the following 2 definitions and activate below in the MAILER section the
dnl # cyrusv2 mailer.
dnl #
dnl define(`confLOCAL_MAILER', `cyrusv2')dnl
dnl define(`CYRUSV2_MAILER_ARGS', `FILE /var/lib/imap/socket/lmtp')dnl
dnl #
dnl # The following causes sendmail to only listen on the IPv4 loopback address
dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
dnl # address restriction to accept email from the internet or intranet.
dnl #
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
dnl #
dnl # The following causes sendmail to additionally listen to port 587 for
dnl # mail from MUAs that authenticate. Roaming users who can't reach their
dnl # preferred sendmail daemon due to port 25 being blocked or redirected find
dnl # this useful.
dnl #
dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
dnl #
dnl # The following causes sendmail to additionally listen to port 465, but
dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed
dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't
dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS
dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps
dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1.
dnl #
dnl # For this to work your OpenSSL certificates must be configured.
dnl #
dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
dnl #
dnl # The following causes sendmail to additionally listen on the IPv6 loopback
dnl # device. Remove the loopback address restriction listen to the network.
dnl #
dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl
dnl #
dnl # enable both ipv6 and ipv4 in sendmail:
dnl #
dnl DAEMON_OPTIONS(`Name=MTA-v4, Family=inet, Name=MTA-v6, Family=inet6')
dnl #
dnl # We strongly recommend not accepting unresolvable domains if you want to
dnl # protect yourself from spam. However, the laptop and users on computers
dnl # that do not have 24x7 DNS do need this.
dnl #
FEATURE(`accept_unresolvable_domains')dnl
dnl #
dnl FEATURE(`relay_based_on_MX')dnl
dnl #
dnl # Also accept email sent to "localhost.localdomain" as local email.
dnl #
LOCAL_DOMAIN(`localhost.localdomain')dnl
dnl #
dnl # The following example makes mail from this host and any additional
dnl # specified domains appear to be sent from mydomain.com
dnl #
dnl MASQUERADE_AS(`mydomain.com')dnl
dnl #
dnl # masquerade not just the headers, but the envelope as well
dnl #
dnl FEATURE(masquerade_envelope)dnl
dnl #
dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
dnl #
dnl FEATURE(masquerade_entire_domain)dnl
dnl #
dnl MASQUERADE_DOMAIN(localhost)dnl
dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl
dnl MASQUERADE_DOMAIN(mydomainalias.com)dnl
dnl MASQUERADE_DOMAIN(mydomain.lan)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
dnl MAILER(cyrusv2)dnl

Attached is a .txt file that you can use to copy/paste from. It's pretty much everything I have written. The problem being, some web browsers (and forum software) changes the quotes. This is a big NO NO.

Hopefully this helps.

 

[DocGreen]

Don't fret on this man. When I have time I'll be able to answer all of this for you. On a job right now, waiting on this RAID to rebuild.

Thanks buddy. Like I said, the important stuff works great. These are just the little details that have me scratching my head. I vaugely remember messing with sendmail in a class years ago, but not well enough to be of any use, lol. That and I'm pretty sure we only ever configured it as a stand-alone mail server.

No rush though, whenever you have time. I could put this thing into production right now and it would work adequately enough to get the job done.

 

[DocGreen]

Wow, I guess I type slow! LOL, thanks. Getting ready to walk out the door... I'll jump on this when I get back and let you know how it goes. Thanks again!

@ Evolution - Its a mobile number.

 

[DocGreen]

***WALL OF CODE***

Works like a charm!

I tried to modify that to use my hosted mail server instead of gmail... but that did not work at all. I had it setup the same, which should have worked... but it just kept getting blocked by spamhaus.org. Apparently my email host doesn't accept mail coming from a dynamic comcast IP, while google could care less. I did read something about this and how you would likely need reverse DNS lookup records pointing back to your server in order for it to work. Oh well... gmail it is!

As for the faxing... yeah, I totally don't mind having a dedicated trunk for faxing. The only tricky part is snatching up a local number in GV. There aren't any available, but I have a friend with a local GV number that she's never used (and doesn't want to)... trying to get that number transferred to a new account that isn't being used for email.


Thanks for the copypasta, SAG!! You're the man!

All that's left to do now is map out all the inbound roots and IVR scripts/destinations, and then hook up some phones. This has been really fun! I'm looking forward to getting really comfortable with it so I can offer it to customers as well... it also has me wanting to setup a Ubuntu box just for kicks

 

[SAG]

Works like a charm!

I tried to modify that to use my hosted mail server instead of gmail... but that did not work at all. I had it setup the same, which should have worked... but it just kept getting blocked by spamhaus.org. Apparently my email host doesn't accept mail coming from a dynamic comcast IP, while google could care less. I did read something about this and how you would likely need reverse DNS lookup records pointing back to your server in order for it to work. Oh well... gmail it is!

As for the faxing... yeah, I totally don't mind having a dedicated trunk for faxing. The only tricky part is snatching up a local number in GV. There aren't any available, but I have a friend with a local GV number that she's never used (and doesn't want to)... trying to get that number transferred to a new account that isn't being used for email.


Thanks for the copypasta, SAG!! You're the man!

All that's left to do now is map out all the inbound roots and IVR scripts/destinations, and then hook up some phones. This has been really fun! I'm looking forward to getting really comfortable with it so I can offer it to customers as well... it also has me wanting to setup a Ubuntu box just for kicks

Good to hear it's going well.
BTW, I'll be making a trip to the post office in a few hours.

 

[DocGreen]

Just configured my first actual SIP phone! I probably missed a bunch of stuff... but I get incoming and outgoing calls, so I'm gonna call it a win!


Side note... with PIAF, it comes with all these pre-configured extensions: 501, 701-715. These all show up in my Flash Operator Panel, but the extensions that I configured (201, 211) do not. Can I delete the pre-configured extensions? Should I delete the extensions I created and instead use the pre-configured ones?


Thanks!!

 

[SAG]

All those extensions are in the 777 Ring Group which is part of the default Inbound Router that it has setup for All Incoming DIDs. It's basically just an example but has all the proper settings to make the extensions as secure as possible.

Yes, you can delete them all.
Yes, you can create and use your own extensions.

Your extensions should show up in the FOP. Maybe it just needs a *nudge*.
Try the following, ssh in to your PBX and:

$ cd /usr/local/fop2
$ sh ./autoconfig-buttons-freepbx.sh
$ service fop2 restart

 

[SAG]

That Aastra is a nice phone.
BTW, does the headset work? It's been sitting in a drawer for years, my son used to use it to pretend he was working with me in my office (had a laptop and phone and all, was cute), and I forgot to check it.

 

[DocGreen]

All those extensions are in the 777 Ring Group which is part of the default Inbound Router that it has setup for All Incoming DIDs. It's basically just an example but has all the proper settings to make the extensions as secure as possible.

Yes, you can delete them all.
Yes, you can create and use your own extensions.

Your extensions should show up in the FOP. Maybe it just needs a *nudge*.
Try the following, ssh in to your PBX and:

Tried the command... "no such file or directory" when I attempt to cd to the fop2 folder. I tried to search for it to see if maybe it was in a different parent folder, but I honestly can't remember how to use grep to save my life, LOL.


I was going to ask about 32 more questions, but then I decided to just wait and give you a call later... LOL!


Headset works like a charm, by the way

 

[SAG]

Tried the command... "no such file or directory" when I attempt to cd to the fop2 folder. I tried to search for it to see if maybe it was in a different parent folder, but I honestly can't remember how to use grep to save my life, LOL.


I was going to ask about 32 more questions, but then I decided to just wait and give you a call later... LOL!


Headset works like a charm, by the way

My mind is in the WayBack Machine aparantly, the instructions I gave you wouldn't work for your newer FreePBX setup.
WTF was I thinking.
Call me when ready man.

 

[DocGreen]

Here's a question for the PBX In A Flash users...

What's the best practice for updating your PIAF server?
Is there a way to set it up to auto-update (automatically run update-programs & update-fixes)? Or do you just need to get into the habit of periodically running the updates manually? If manual, how frequently do you run them?