But the ridiculous side of this is that there are valid reasons to "spoof" numbers. We have two customers who need to do it all the time, and it's legal, as well as demanded by their customers. On Tue, Feb 16, 2021 at 9:37 AM <paul at timmins.net> wrote:

Legal or not it?s genius. Humans will notice right away and it?ll cost for the robocallers.

Sent from my iPhone

On Feb 16, 2021, at 11:23 AM, Calvin Ellison <calvin.ellison at voxox.com> wrote:

? Today we received a notice from one of our underlying carriers that included the following statement:

* If a customer spoofs an ANI that they do not own, the clec's can forward

...

to call to a voiceless Voicemail which appears to be FAS.

Is there any legal device that actually supports this practice? I'm looking for a specific statute, FCC rule, precedent in a judicial ruling, or the like.

The FCC has ruled that the SIP 608 response code is to be used for signaling when a call is rejected. I doubt the FCC or FTC has ruled that terminating carriers are permitted to cause loss of trust and revenue between upstream intermediate and originating carriers.

Regards,

*Calvin Ellison* Systems Architect calvin.ellison at voxox.com +1 (213) 285-0555

----------------------------------------------- *voxox.com <http://www.voxox.com/> * 5825 Oberlin Drive, Suite 5 San Diego, CA 92121 [image: Voxox] _______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops

_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops

Agree. Intent to deceive or misrepresent is at the heart of spoofing. ? Sent from mobile, with due apologies for brevity and errors.

On Feb 16, 2021, at 12:00 PM, Brooks Bridges <brooks at firestormnetworks.net> wrote:

? I would posit that outpulsing a specific ANI with authorization of, and at the request of, the number's owner doesn't really fall under the colloquial understanding of "spoofing". I think that term is typically used to imply malice or deceit.

On 2/16/2021 8:44 AM, Carlos Alvarez wrote:

...

But the ridiculous side of this is that there are valid reasons to "spoof" numbers. We have two customers who need to do it all the time, and it's legal, as well as demanded by their customers.

On Tue, Feb 16, 2021 at 9:37 AM <paul at timmins.net> wrote:

...

Legal or not it?s genius. Humans will notice right away and it?ll cost for the robocallers.

Sent from my iPhone

...

On Feb 16, 2021, at 11:23 AM, Calvin Ellison <calvin.ellison at voxox.com> wrote:

? Today we received a notice from one of our underlying carriers that included the following statement:

...

* If a customer spoofs an ANI that they do not own, the clec's can forward to call to a voiceless Voicemail which appears to be FAS.

Is there any legal device that actually supports this practice? I'm looking for a specific statute, FCC rule, precedent in a judicial ruling, or the like.

The FCC has ruled that the SIP 608 response code is to be used for signaling when a call is rejected. I doubt the FCC or FTC has ruled that terminating carriers are permitted to cause loss of trust and revenue between upstream intermediate and originating carriers.

Regards,

Calvin Ellison Systems Architect calvin.ellison at voxox.com +1 (213) 285-0555

----------------------------------------------- voxox.com 5825 Oberlin Drive, Suite 5 San Diego, CA 92121

_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops

---

VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops

_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops

_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops

The issue I have with this tactic is the impact it has on intermediate carriers who specifically service aggregate call center traffic, where the nefarious traffic is blended upstream and more difficult to detect. The upstream clients expect us to prevent it, and when we can't, it becomes a trust issue and then ultimately a revenue issue, on top of the support resources spend handling the complaints. We don't want to facilitate the nefarious traffic either and are implementing our own call blocking, but we're not going to scam every hop in between in the process. This practice also directly conflicts with the recent FCC requirement to use SIP 607 or 608 responses when blocking calls: iii) Enhanced Transparency and Redress Requirements ? The FCC requires

terminating voice service providers that block calls to immediately notify the caller that the call has been blocked by sending either a Session Initiation Protocol (IP network return SIP Code 607 or 608) or ISDN User Part (ISUP Code 21) response code, as appropriate, and requires all voice service providers in the call path to transmit these codes to the origination point. Second, the FCC requires terminating voice service providers that block calls on an opt-in or opt-out basis to disclose to their subscribers a list of blocked calls (on an opt-in or opt-out basis) within three business days of a request. Third, when a calling party disputes whether blocking its calls is appropriate, the FCC requires terminating voice service providers to provide a status update to the party that filed the dispute within 24 hours and that the point of contact which terminating voice service providers have established to handle blocking disputes also handle contacts from callers that are adversely affected by information provided by caller ID authentication seeking to verify the authenticity of their calls. Finally, the FCC declined to address the issue of erroneous labeling at this time. The FCC gave voice service providers until January 1, 2022 to comply with the immediate notification requirements.

https://docs.fcc.gov/public/attachments/FCC-20-187A1.pdf Regards, *Calvin Ellison* Systems Architect calvin.ellison at voxox.com +1 (213) 285-0555 ----------------------------------------------- *voxox.com <http://www.voxox.com/> * 5825 Oberlin Drive, Suite 5 San Diego, CA 92121 [image: Voxox] On Tue, Feb 16, 2021 at 9:07 AM Brandon Svec <bsvec at teamonesolutions.com> wrote:

True, but it doesn't matter. Since there are bad actors that we are trying to prevent, then all spoofed numbers must be handled correctly. It can no longer be ok to just look the other way and let them all through. Validated/authorized spoofed numbers should be fine and those that are not have work to do and all that should be left are bad actors being blocked. Of course, I understand we are not quite there yet, but this is how it *should* be.

*Brandon Svec*

*15106862204 <15106862204> voice|sms**teamonesolutions.com <https://teamonesolutions.com/>*

On Tue, Feb 16, 2021 at 9:00 AM Brooks Bridges < brooks at firestormnetworks.net> wrote:

...

I would posit that outpulsing a specific ANI with authorization of, and at the request of, the number's owner doesn't really fall under the colloquial understanding of "spoofing". I think that term is typically used to imply malice or deceit.

On 2/16/2021 8:44 AM, Carlos Alvarez wrote:

But the ridiculous side of this is that there are valid reasons to "spoof" numbers. We have two customers who need to do it all the time, and it's legal, as well as demanded by their customers.

On Tue, Feb 16, 2021 at 9:37 AM <paul at timmins.net> wrote:

...

Legal or not it?s genius. Humans will notice right away and it?ll cost for the robocallers.

Sent from my iPhone

On Feb 16, 2021, at 11:23 AM, Calvin Ellison <calvin.ellison at voxox.com> wrote:

? Today we received a notice from one of our underlying carriers that included the following statement:

* If a customer spoofs an ANI that they do not own, the clec's can

...

forward to call to a voiceless Voicemail which appears to be FAS.

Is there any legal device that actually supports this practice? I'm looking for a specific statute, FCC rule, precedent in a judicial ruling, or the like.

The FCC has ruled that the SIP 608 response code is to be used for signaling when a call is rejected. I doubt the FCC or FTC has ruled that terminating carriers are permitted to cause loss of trust and revenue between upstream intermediate and originating carriers.

Regards,

*Calvin Ellison* Systems Architect calvin.ellison at voxox.com +1 (213) 285-0555

----------------------------------------------- *voxox.com <http://www.voxox.com/> * 5825 Oberlin Drive, Suite 5 San Diego, CA 92121 [image: Voxox] _______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops

_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops

_______________________________________________ VoiceOps mailing listVoiceOps at voiceops.orghttps://puck.nether.net/mailman/listinfo/voiceops

_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops

_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops

Y'all realize that if the trust of carriers to not let garbage calls with spoofed near neighbor anis on their networks none of these other problems would exist, right? (using my backup iPhone for the last few days, I have been exposed to the brunt of the garbage google has been call screening for me, and I completely sympathize with anyone trying to do anything to confound the bad actors at this point, consequences be damned.) On 2/16/21 11:44 AM, Carlos Alvarez wrote:

But the ridiculous side of this is that there are valid reasons to "spoof" numbers.? We have two customers who need to do it all the time, and it's legal, as well as demanded by their customers.

On Tue, Feb 16, 2021 at 9:37 AM <paul at timmins.net <mailto:paul at timmins.net>> wrote:

Legal or not it?s genius. Humans will notice right away and it?ll cost for the robocallers.

Sent from my iPhone

...

On Feb 16, 2021, at 11:23 AM, Calvin Ellison <calvin.ellison at voxox.com <mailto:calvin.ellison at voxox.com>> wrote:

? Today we received a notice?from one of our underlying carriers?that included the following statement:

* If a customer spoofs an ANI that they do not own, the clec's can forward to call to a voiceless Voicemail which?appears to be FAS.

Is there any legal device that actually supports this practice? I'm looking for a specific statute, FCC rule, precedent in a judicial ruling, or the like.

The FCC has ruled that the SIP 608 response code is to be used for signaling when a call is rejected. I doubt the FCC or FTC has ruled that terminating carriers are permitted to cause loss of trust and revenue between upstream intermediate and originating carriers.

Regards,

*Calvin Ellison* Systems Architect calvin.ellison at voxox.com <mailto:calvin.ellison at voxox.com> +1 (213) 285-0555

----------------------------------------------- *voxox.com <http://www.voxox.com/> * 5825 Oberlin Drive, Suite 5 San Diego, CA 92121

Voxox _______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org> https://puck.nether.net/mailman/listinfo/voiceops

_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org> https://puck.nether.net/mailman/listinfo/voiceops

_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops

Stir will only help if carriers actually pass or allow tokens. Still waiting on several tier 1 carriers to take them. On Tue, Feb 16, 2021 at 9:35 AM Glen Gerhard <glen at cognexus.net> wrote:

Hopefully Stir/Shaken will make this a moot point. Calvin, are you saying that a 608 is the recommended response for a call that is being rejected due to S/S attestation or CVT reasons?

~Glen

On 2/16/2021 8:19 AM, Calvin Ellison wrote:

Today we received a notice from one of our underlying carriers that included the following statement:

* If a customer spoofs an ANI that they do not own, the clec's can forward

...

to call to a voiceless Voicemail which appears to be FAS.

Is there any legal device that actually supports this practice? I'm looking for a specific statute, FCC rule, precedent in a judicial ruling, or the like.

The FCC has ruled that the SIP 608 response code is to be used for signaling when a call is rejected. I doubt the FCC or FTC has ruled that terminating carriers are permitted to cause loss of trust and revenue between upstream intermediate and originating carriers.

Regards,

*Calvin Ellison* Systems Architect calvin.ellison at voxox.com +1 (213) 285-0555

----------------------------------------------- *voxox.com <http://www.voxox.com/> * 5825 Oberlin Drive, Suite 5 San Diego, CA 92121 [image: Voxox]

_______________________________________________ VoiceOps mailing listVoiceOps at voiceops.orghttps://puck.nether.net/mailman/listinfo/voiceops

-- Glen Gerhardglen at cognexus.net 858.324.4536

Cognexus, LLC 7891 Avenida Kirjah San Diego, CA 92037

_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops

-- Karl Douthit 10572 Calle Lee #123 Los Alamitos Ca. 90720 (562) 257-3590 (Desk) (562) 824-0757 <%28562%29%20827-0757> (Mobile) *www.piratel.com <http://www.piratel.com/>*

I expect that people will attest spam. But we're allowed to block carriers by spid if we want if we start getting garbage. The effective telecom death penalty that'd create (along with the liability) will be an interesting enforcement mechanism. ________________________________ From: VoiceOps <voiceops-bounces at voiceops.org> on behalf of Nick Olsen <nick at 141networks.com> Sent: Tuesday, February 16, 2021 1:27 PM To: Karl Douthit Cc: Voiceops.org Subject: Re: [VoiceOps] Fake Voicemail Anti-Robocall Tactics My faith in STIR/SHAKEN has all but collapsed. I think we're just going to end up in a situation where even the SPAM is attested. At least having a breadcrumb to follow might help. Given the current state of SS. I won't hold my breath. On Tue, Feb 16, 2021 at 12:44 PM Karl Douthit <karl at piratel.com<mailto:karl at piratel.com>> wrote: Stir will only help if carriers actually pass or allow tokens. Still waiting on several tier 1 carriers to take them. On Tue, Feb 16, 2021 at 9:35 AM Glen Gerhard <glen at cognexus.net<mailto:glen at cognexus.net>> wrote: Hopefully Stir/Shaken will make this a moot point. Calvin, are you saying that a 608 is the recommended response for a call that is being rejected due to S/S attestation or CVT reasons? ~Glen On 2/16/2021 8:19 AM, Calvin Ellison wrote: Today we received a notice from one of our underlying carriers that included the following statement: * If a customer spoofs an ANI that they do not own, the clec's can forward to call to a voiceless Voicemail which appears to be FAS. Is there any legal device that actually supports this practice? I'm looking for a specific statute, FCC rule, precedent in a judicial ruling, or the like. The FCC has ruled that the SIP 608 response code is to be used for signaling when a call is rejected. I doubt the FCC or FTC has ruled that terminating carriers are permitted to cause loss of trust and revenue between upstream intermediate and originating carriers. Regards, Calvin Ellison Systems Architect calvin.ellison at voxox.com<mailto:calvin.ellison at voxox.com> +1 (213) 285-0555 ----------------------------------------------- voxox.com<http://www.voxox.com/> 5825 Oberlin Drive, Suite 5 San Diego, CA 92121 [Voxox] _______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org<mailto:VoiceOps at voiceops.org> https://puck.nether.net/mailman/listinfo/voiceops -- Glen Gerhard glen at cognexus.net<mailto:glen at cognexus.net> 858.324.4536 Cognexus, LLC 7891 Avenida Kirjah San Diego, CA 92037 _______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org<mailto:VoiceOps at voiceops.org> https://puck.nether.net/mailman/listinfo/voiceops -- Karl Douthit 10572 Calle Lee #123 Los Alamitos Ca. 90720 (562) 257-3590<tel:%28562%29%20257-3590> (Desk) (562) 824-0757<tel:%28562%29%20827-0757> (Mobile) www.piratel.com<http://www.piratel.com/> _______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org<mailto:VoiceOps at voiceops.org> https://puck.nether.net/mailman/listinfo/voiceops

Can anyone speak to this "CLECs think FAS is OK because robocalls" claim? I'd really like to tell these carriers exactly how wrong they are, if they are. If not, we would all be collecting minutes on spam diversion instead of blocking it. Regards, *Calvin Ellison* Systems Architect calvin.ellison at voxox.com On Tue, Feb 16, 2021 at 11:29 AM Joel Stalder <jstalder at panterranetworks.com> wrote:

Agreed that the threat of carrier blocking should be a serious deterrent but blocking based on the SHAKEN root cert or SPID isn?t the only method. There is an expectation of easy/instant traceback too, which will hopefully generate onerous support costs for the offending carrier(s) before a BFH is required.

I think of caller verification and spam/fraud/robocall mitigation as two potentially related but separate tools. If my network receives a call that is SHAKEN-verified but has a very high spam/fraud/robocall score, it?s blocked (SIP 608 response). The FCC has provided legal ?safe harbor? to block such calls without the potential threat of liability, as long as the required processes are in-place to remove erroneous blocking.

-Joel

*From:* VoiceOps <voiceops-bounces at voiceops.org> *On Behalf Of *Paul Timmins *Sent:* Tuesday, February 16, 2021 10:45 AM *To:* Nick Olsen <nick at 141networks.com>; Karl Douthit <karl at piratel.com> *Cc:* Voiceops.org <voiceops at voiceops.org> *Subject:* Re: [VoiceOps] Fake Voicemail Anti-Robocall Tactics

I expect that people will attest spam. But we're allowed to block carriers by spid if we want if we start getting garbage. The effective telecom death penalty that'd create (along with the liability) will be an interesting enforcement mechanism.

------------------------------

*From:* VoiceOps <voiceops-bounces at voiceops.org> on behalf of Nick Olsen < nick at 141networks.com> *Sent:* Tuesday, February 16, 2021 1:27 PM *To:* Karl Douthit *Cc:* Voiceops.org *Subject:* Re: [VoiceOps] Fake Voicemail Anti-Robocall Tactics

My faith in STIR/SHAKEN has all but collapsed. I think we're just going to end up in a situation where even the SPAM is attested. At least having a breadcrumb to follow might help.

Given the current state of SS. I won't hold my breath.

On Tue, Feb 16, 2021 at 12:44 PM Karl Douthit <karl at piratel.com> wrote:

Stir will only help if carriers actually pass or allow tokens. Still waiting on several tier 1 carriers to take them.

On Tue, Feb 16, 2021 at 9:35 AM Glen Gerhard <glen at cognexus.net> wrote:

Hopefully Stir/Shaken will make this a moot point. Calvin, are you saying that a 608 is the recommended response for a call that is being rejected due to S/S attestation or CVT reasons?

~Glen

On 2/16/2021 8:19 AM, Calvin Ellison wrote:

Today we received a notice from one of our underlying carriers that included the following statement:

* If a customer spoofs an ANI that they do not own, the clec's can forward to call to a voiceless Voicemail which appears to be FAS.

Is there any legal device that actually supports this practice? I'm looking for a specific statute, FCC rule, precedent in a judicial ruling, or the like.

The FCC has ruled that the SIP 608 response code is to be used for signaling when a call is rejected. I doubt the FCC or FTC has ruled that terminating carriers are permitted to cause loss of trust and revenue between upstream intermediate and originating carriers.

Regards,

*Calvin Ellison* Systems Architect calvin.ellison at voxox.com +1 (213) 285-0555

----------------------------------------------- *voxox.com <http://www.voxox.com/> * 5825 Oberlin Drive, Suite 5 San Diego, CA 92121

[image: Voxox]

_______________________________________________

VoiceOps mailing list

VoiceOps at voiceops.org

https://puck.nether.net/mailman/listinfo/voiceops

--

Glen Gerhard

glen at cognexus.net

858.324.4536

Cognexus, LLC

7891 Avenida Kirjah

San Diego, CA 92037

_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops

--

Karl Douthit

10572 Calle Lee #123

Los Alamitos Ca. 90720

(562) 257-3590 (Desk)

(562) 824-0757 <%28562%29%20827-0757> (Mobile)

*www.piratel.com <http://www.piratel.com/>*

_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops

_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops

Correct. The 608 response includes redress information and can be translated to a voice reject for unsupported clients. https://tools.ietf.org/html/rfc8688 Regards, *Calvin Ellison* Systems Architect calvin.ellison at voxox.com +1 (213) 285-0555 ----------------------------------------------- *voxox.com <http://www.voxox.com/> * 5825 Oberlin Drive, Suite 5 San Diego, CA 92121 [image: Voxox] On Tue, Feb 16, 2021 at 9:35 AM Glen Gerhard <glen at cognexus.net> wrote:

Hopefully Stir/Shaken will make this a moot point. Calvin, are you saying that a 608 is the recommended response for a call that is being rejected due to S/S attestation or CVT reasons?

~Glen

On 2/16/2021 8:19 AM, Calvin Ellison wrote:

Today we received a notice from one of our underlying carriers that included the following statement:

* If a customer spoofs an ANI that they do not own, the clec's can forward

...

to call to a voiceless Voicemail which appears to be FAS.

Is there any legal device that actually supports this practice? I'm looking for a specific statute, FCC rule, precedent in a judicial ruling, or the like.

The FCC has ruled that the SIP 608 response code is to be used for signaling when a call is rejected. I doubt the FCC or FTC has ruled that terminating carriers are permitted to cause loss of trust and revenue between upstream intermediate and originating carriers.

Regards,

*Calvin Ellison* Systems Architect calvin.ellison at voxox.com +1 (213) 285-0555

----------------------------------------------- *voxox.com <http://www.voxox.com/> * 5825 Oberlin Drive, Suite 5 San Diego, CA 92121 [image: Voxox]

_______________________________________________ VoiceOps mailing listVoiceOps at voiceops.orghttps://puck.nether.net/mailman/listinfo/voiceops

-- Glen Gerhardglen at cognexus.net 858.324.4536

Cognexus, LLC 7891 Avenida Kirjah San Diego, CA 92037

_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops