Blacklist Upgrades - Comments

The usefulness of black lists has suffered as spamers have turned to spoofing and rapid turnover of DIDs, but I think the availability of black and white list are still a good idea. To be really a useful tool, the implementation needs to go beyond the front end list checking and the ability to add items and needs to provide list management functions. To do this, the list database must be able to capture data like number of hits and last hit date. The list management interface then needs to be able to do things like sort by column and delete by criteria. Otherwise the list just gets bigger and there no basis for managing it.
I have posted these issues previously but I just thought I would refresh the topic for those who might be considering upgrades to the module.

Whitelist would be a terrible idea. Although if you want it, you can technically setup a Any/Any route to terminate the call, then setup routes matching the CID… Bingo. We got a whitelist.

Out of curiosity: why would you want to know how many times a blacklisted number tried calling?
(Tip: besides the log in the Blacklist module, you can actually see that in CDR.)
You mentioned managing the blacklisted numbers. Can you elaborate?

Currently the fcc blacklist runs to hundreds of thousands of numbers, unfortunately it is completely ineffective ( been there done that) but you can add ‘count’ and ‘date’ fields to the sqlite3 blacklist ‘table’ if you want to script the database (also been there and done that) , but apart from using php to parse the list (also ineffective past a few thousand) , then there is very little impact on the asterisk blacklist code per-se if it looks up a number into a database of 10 or 200000.

JM2CWAE

There is some ideas on a rework but it is not exactly trivial. It is on the radar but it is not yet slated.

Sidenote in general a blacklist will be ineffective on robo-dialers. A whitelist would really be your only option for this.
Robocalls typically use a random caller id.
New trend is to make the areacode and NXX the same as yours. If your number is 4805551212 they will use 4805551234 with the last 4 random.
To do an FCC complaint you must first answer the call and figure out the who so you wouldn’t want to block the number.

Related: FreePBX is an open source project and contributions of code are always welcome.

Simply by answering the call but not sending any audio until you receive some from the far end (use BackgroundDetect() but send silence ) is remarkably effective IMHO, the robocaller hangs up, real caller say " hello, anyone there?" call that human engineering if you want :slight_smile:

Edit:

To clarify, the robo-caller-bot works a little more intelligently , if it thinks that there is some wet-wear there, it calls the next indian guy/girl in the boiler shop to actually pick up the call and start reading the script. . .

This also has the affect of starting billing on their end which is hopefully rounded up.

There are numerous services that offer number verification/reputation services. Whitepages has an API service for this, Numverify, Nexmo and even Twilio has a beta verification service that you can request.

So if anything this really isn’t a “Blacklist” module thing, to me. This sounds more like a CallerID Superfecta add on where you can make the API calls to these various services and process the data they send back, such as the reputation score to deny or allow the call or do whatever with it.

There is also the Privacy Manager feature that can be used to prompt people to provide their name for the end user to hear and accept the call. You can set it up so that accepted numbers can bypass the privacy check on future calls.

1 Like

Verifying a number that has been spoofed will often of course often return a false positive, remember that although these guys are a PITA they are not all stupid … You can equally ask a caller to enter the number they called from, not so good for business use though :slight_smile:

It may be worth blocking on ANI rather than caller ID.

CALLERID(ANI-num);

Unfortunately largely ineffective if not using a toll-free termination, even then it is carrier dependent .

So the beauty of open source. Build it or pay someone and contribute it back. You always complain about what we work on or how we build it or present the GUI options. Please go show us up and give us something back something truly awesome for the benefit of everyone using FreePBX.

ANI (adding some text so this will save)?

All, my comments were prompted by seeing Blacklist on a list of prospective version updates, including the suggestion to add whitelist. I think I mentioned that spam has moved past the point where listing is a prime solution. In any case, if there are upgrades to the module, I stand by my suggestions. Sorry, my hands on technical skills are not from the current era as I long ago shifted to technical management and business. I always hope suggestions and other experience can be helpful. I have had plenty of examples in my career where others surprised me with great contributions.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.