In answer to your P.S. – some of this is new to me. I don’t use GV, so some of these issues don’t come up. However, I do have a gmail account so I did some testing.
Yes, trusted Callers does ignore the “@” and everything after it.
For incoming CallerID the OBi ignores the “@” and everything after it.
If someone named
jon@gmail.com or jon@anything-else called from his Google Talk account to my phone number, wouldn't his call also go to my AA? Isn't that a big hole?
Yes, “jon” followed by “@” followed by anything with give a CallerID of “jon” and so will match your InboundCallRoute rule to give access to your AA. Yup – looks like a hole to me! To be fair, you can set a PIN number which prompts users for the PIN if using the AA Option 2. I find that too much of a nuisance, but the option is there.
I guess the moral here is to make your gmail user name very robust!
Obihai designed “Cicle of Trust” and “Trusted Callers” to allow non-techy people to use those functions and the InboundCallRoutes are changed by the OBi for them. They are blunt instruments. For instance, putting a number in Trusted Callers puts the corresponding access to AA rule in all InboundCallRoutes except for the OBiTALK InboundCallRoute.
You seem to be comfortable changing configurations, so you might get more finely tuned InboundCallRoutes by changing them manually. Using the “Expert Pages” as you have for other things. Uncheck the two boxes to the right, then simply input your own InboundCallRoute rules and submit changes.