[asterisk-biz] OT Preventing VoipSpam Was RE: [OT] Reporting Spam

John Todd jtodd at digium.com
Sun Nov 9 19:12:29 CST 2008

On Nov 7, 2008, at 12:28 PM, Trixter aka Bret McDanel wrote:

> On Fri, 2008-11-07 at 11:24 -0800, John Todd wrote:
>> It would be possible right now to create a filter mechanism that  
>> would
>> allow you to whitelist/blacklist callers based on "Caller ID" in the
>> From: header, using existing DNS tools with probably very few
>> downsides.
> I do it with enum, if there is a response its blacklisted, the same  
> way
> RBLs work, in fact at one time before you were with digium I had
> approached you (John) about doing something like this, but it never  
> went
> anywhere (dont feel bad others that had other infrastructure that was
> better suited to do this also said yes then it went silent).  I had
> given up on doing this a couple years ago because I couldnt find  
> anyone
> else particularly interested in actually going past the talking stage.
> I had even planned on doing different routes based on the call, which
> would terminate locally of course, but that way you could flag calls
> based on commercial, religious, political, scam, etc so that custom
> responses could be generated at the end users desire for each group,  
> or
> allow some types but not others.
> There are some quirks in the way that asterisk deals with enum that
> would make this less desirable, but they can be overcome.  And because
> its enum its not a single product solution, or a lot of new code, it
> would literally be a dialplan change for anyone that wants it, and  
> enum
> being a standard it should work in a reliable way regardless of what
> switch technology was used, so long as it does enum.

As with most things, if there is an economic incentive, it will get  
done.  The problem with "VoIP spam" is light, and there seems to be  
little incentive on even traditional telephony networks to outlay  
money to solve the problem.  False positives are also a serious  
problem; no service provider wants to be in the situation of  
explaining why calls from Aunt Millie are sent to a legal-sounding  
announcement asking never to call again.  Just like joe-jobbing, voice  
spammers will quickly figure out that they should send the caller ID  
of someone trusted, like a bank, or Aunt Millie.

Other issues standing in the way of a centralized blacklist: a trust  
model for reporters and for clients, a reputable brokerage, a set of  
rules for addition/subtraction to the list, a lawsuit threat from  
blacklisted numbers, and the host of other nightmares that has already  
plagued the email spam methods.  The privacy issue alone is  
nightmarish - some central system, not under my company's control, is  
going to see EVERY SINGLE caller ID that comes into my switches?  Holy  
private information leakage, Batman!

Please don't take this to be a discouragement of the process - I'm all  
in favor of such a tool, and I might even use it, and my comments are  
negative because I've put so much time into thinking about the problem  
and trying to come up with a workable method.  But the technical  
solution is only about 1/4 of the total effort and problem set.   
Personally, it would be sufficient for me if I could just pick up the  
phone on a new inbound call, hear a telemarketer, press the  
(theoretical) "Spam" button on my phone, and then my _local_ phone  
system would never let that number through again.  A distributed model  
is great and much more effective, but much more difficult to wrap  
one's arms around.  As you say, Asterisk can do all these things  
easily already in the dialplan - now it's up to someone (you?  
e164.org? someone else?) to put it all together in a way that people  
will use (if they want to use it, which remains to be seen.)

You might find this interface API interesting for some people who have  
already collected some set of e.164 addresses and allow for query and  
commentary and even some Asterisk AGI scripts for lookup/submission:

PS: Somewhat related to this topic - I've never once received a "spam"  
SIP call, meaning a call from someone who I didn't want to hear from.   
This speaks to how disappointingly rarely SIP URIs are used as inbound  
calling pointers.  I've often received "broken" calls (people testing  
their setups) but not "spam" calls.  I'm just not sure the market  
exists for solutions to a problem that doesn't exist yet.  This is  
different than using Asterisk to screen traditional PSTN calls for  
spammish nature, which we talk about above.


John Todd
jtodd at digium.com        +1-256-428-6083
Asterisk Open Source Community Director

More information about the asterisk-biz mailing list