FortiCarrier MMS Address Translation options

MMS Address Translation options

The sender’s carrier endpoint is used to provide logging and reporting details to the mobile operator and to identify the sender of infected content.

When MMS messages are transmitted, the From field may or may not contain the sender’s address. When the address is not included, the sender information will not be present in the logs and the unit will not be able to notify the user if the message is blocked unless the sender’s address is made available elsewhere in the request.

The unit can extract the sender’s address from an extended HTTP header field in the HTTP request. This field must be added to the HTTP request before it is received by the unit. If this field is present, it will be used instead of the sender’s address in the MMS message for logging and notification. If this header field is present when a message is retrieved, it will be used instead of the To address in the message. If this header field is not present the content of the To header field is used instead.

Alternatively, the unit can extract the sender’s address from a cookie.

You can configure MMS address translation to extract the sender’s carrier endpoint so that it can be added to log and notification messages. You can configure MMS address translation settings to extract carrier endpoints from HTTP header fields or from cookies. You can also configure MMS address translation to add an endpoint prefix to the extracted carrier endpoints. For more information, see Dynamic Profiles and Endpoints in the Authentication guide.

MMS Address Translation
Sender Address Source Select to extract the sender’s address from the HTTP Header Field or a Cookie. You must also specify the identifier that contains the carrier endpoint.
Sender Address Identifier Enter the sender address identifier that includes the carrier endpoint. The default identifier is x-up-calling-line-id.

If the Sender Address Source is HTTP Header Field, the address and its identifier in the HTTP request header takes the format:

<Sender Address Identifier>: <MSISDN_value>

Where the <MSISDN_value> is the carrier endpoint. For example, the HTTP header might contain:

x-up-calling-line-id: 6044301297

where x-up-calling-line-id would be the Sender Address

Identifier.

If the Sender Address Source is Cookie, the address and its identifier in the HTTP request header’s Cookie field takes the format of attribute-value pairs:

Cookie: id=<cookie-id>;

<Sender Address Identifier>=<MSISDN Value>

For example, the HTTP request headers might contain:

Cookie: id=0123jf!a;x-up-calling-lineid=6044301297

where x-up-calling-line-id would be the Sender Address

Identifier.

Convert Sender Address From / To HEX Select to convert the sender address from ASCII to hexadecimal or from hexadecimal to ASCII. This is required by some applications.
Add Carrier Endpoint Prefix for Logging / Notification Select the following to enable adding endpoint prefixes for logging and notification.
MMS Address Translation
Enable Select to enable adding the country code to the extracted carrier endpoint, such as the MSISDN, for logging and notification purposes. You can limit the number length for the test numbers used for internal monitoring without a country code.
Prefix Enter a carrier endpoint prefix to be added to all carrier endpoints. Use the prefix to add extra information to the carrier endpoint in the log entry.
Minimum Length Enter the minimum length of the country code information being added. If this and Maximum Length are set to zero (0), length is not limited.
Maximum Length Enter the maximum length of the country code information being added. If this and Minimum Length are set to zero (0), length is not limited.

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

This entry was posted in FortiCarrier on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.