  Release Summary for 4.3-124
  [![Generic badge](https://img.shields.io/badge/release_status-building-lightgrey.svg)](https://shields.io/)
  Changes to branch `4.3` after version `4.3.123`.
  * [HELP-17551: allow disabling voicemail callback](https://github.com/2600hz/kazoo/pull/6640) - _by James Aimonetti_
      Prior to this change, an malicious caller could leave a voicemail with
      a bogus Caller ID number (typically an international number for
      fraud) to a compromised voicemail box. Calling back into the voicemail
      box, the malicious caller could select the callback option and place a
      call to the fraudulent number.
      If the account or owner of the voicemail box allowed international
      calling, the fraud would progress.
      This PR introduces two toggles to give system administrators more
      control over callback functionality.
      The first global config `should_disable_callback` can toggle whether
      to allow the caller to select the callback option in general. If set
      to `true`, the callback feature will be disable cluster-wide.
      The second global config `should_disable_offnet_callback` requires the
      caller to be using an authorized device. If set to `true`, the caller
      must place the call from a device known to the account (authorizing_id
      must be present).
      Presumably, if the malicious caller has compromised SIP credentials,
      they can place the fraudulent calls directly without the voicemail
      callback. It is recommended to at least toggle
      `should_disable_offnet_callback` to `true`.
  -- 2600Hz Official <packages@2600hz.com> +Tue, 13 Oct 2020 21:05:30 
