Robo Call Block Per Domain

[VoIP Doctors]

I was wondering if anyone has made the following update to the Call Block app/module in FusionPBX.

The FCC has a public database of all robo/spam callers. With that I am looking to import the list into v_call_block and in the GUI give each domain the ability to enable/disable this list of numbers.

From looking at the code it appears I can import into the table; however what it lacks is an individual domain to turn this feature on and off.

 

[smn]

I know this is not what you are looking for but you can also simuring the nomorobo phone number to use their blacklist. Its free to use for VoIP lines other than the call cost. Seems to catches most of the most annoying calls (google ad scam, active number collectors etc.)

https://www.nomorobo.com/

 

[VoIP Doctors]

Interesting. Thank you.

 

[KangarooWho]

Has anyone come across where I can find a list of spam numbers that I can use as you say, to load into our FusionPBX systems and apply call blocking? I would then write a tool/script to import the list into the system so there would be nothing to type in.

 

[KangarooWho]

@VoIP Doctors: You mentioned when looking at the code it appeared to lack anything to set individually against domains. This is easily enough handled by an sql script. If someone has a big list of known spam numbers to block, I will write an sql script to read from a text file or spreadsheet a list of phone numbers, and load them into any FusionPBX, where you can specify "global" or individual domain(s) only. I would make that available to anyone who wants it...

 

[Dan]

Has anyone come across where I can find a list of spam numbers that I can use as you say, to load into our FusionPBX systems and apply call blocking? I would then write a tool/script to import the list into the system so there would be nothing to type in.

Number based blocklists are destined to fail when the attacker has the ability to send any caller ID they want. At best, greylisting (like with email) might be of some use. I was thinking of using an IVR that prompts for a random digit to be pressed followed by asking for caller name (useful for passing to a speech to text engine for Caller ID), with a bit of logging to get statistics. Perhaps we could generate a regex for the number blocks they're spoofing and only route calls from those blocks to this application.

This type of filtering could apply only to numbers that haven't been seen before, and/or non-RBOC/wireless numbers (as it seems some mass calling campaigns use unassigned number blocks, or unused number blocks that have been assigned to CLECs). The latter could be determined with a LRN lookup, pretty inexpensive way to figure out line type...

One other thing I would like to see is an XML "app" that lets customers mark a call as spam, bad caller ID, poor call quality, etc. I think it would be trivial to implement for the GXP2140 and similar, and would provide useful, semi-accurate feedback that could help those of us running PBXes find out about issues that might otherwise be missed.

 

[KangarooWho]

Thank you for your response Dan. You are right, since they can spoof their CID any attempt at mass list imports would theoretically block only 1 call from each big spammer, before they used a different number the next time. Worse, they likely have the same or larger access to the DNC lists, which simply means they make sure whatever CID they are going to spoof with is "not" on any DNC list, to maximize their chances proactively and not re-.

The solution you mention as a possible workaround (IVR prompt for digit): I did use that exact solution at my HOME for several years. I found a sort of inbound phone gadget that you could program so that when an inbound call reaches the 'box' (via standard POTS line), was designed so you could have a fax, your home analog phone, PC modem, and a 4th port for one more phone, fax, whatever.

How it worked (it was really cool: You program a ONE or TWO digit code for each of the 4 incoming destinations, other optional codes were to check voicemail from the unit itself, or you could have a code to play a BUSY, DISCONNECT, etc. When anyone called me they would hear "Sorry I am not home, to leave a message press 1". Although that was the prompt, people who KNEW ME knew better. Pressing "1" doesn't let you leave a message, it disconnects you! Pressing 2 would then begin ringing my home phone. I didn't use other lines. So any time my phone phone would ring, I would know for sure it was someone I knew and had given the code to. Eventually that $99 box broke and I couldn't find an equivalent. These days I no longer have a land line.

 

[Dan]

Thank you for your response Dan. You are right, since they can spoof their CID any attempt at mass list imports would theoretically block only 1 call from each big spammer, before they used a different number the next time.

From what I've seen, many of the mass calling campaigns change caller ID every single time they make an outbound call. Usually they will use the same area code and the first two digits of your number after the area code. Blocking calls from a number reported as a spammer will not help anything in this case.

Worse, they likely have the same or larger access to the DNC lists, which simply means they make sure whatever CID they are going to spoof with is "not" on any DNC list, to maximize their chances proactively and not re-.

Eh, some might be doing that, but its hit and miss.

The solution you mention as a possible workaround (IVR prompt for digit): I did use that exact solution at my HOME for several years. I found a sort of inbound phone gadget that you could program so that when an inbound call reaches the 'box' (via standard POTS line), was designed so you could have a fax, your home analog phone, PC modem, and a 4th port for one more phone, fax, whatever.

Yeah, no reason this shouldn't exist as a FusionPBX app, perhaps I'll circle back to this eventually (or a client will pay me to build it)...