The first VoIP DNSBL
Few months ago we started working on a DNS based VoIP blocklist. At the moment we testing it on our own cloud system with 3 different blacklist schemas.
1. IP address blacklist with attackers IP addresses (brute force, sipvicious attacks,etc)
2. Callerid blacklist with phone numbers (telemarketers, dialers, SPIT, etc)
3. IP address ranges for non payers
Here is how the VoIP DNSBL work:
A SIP server that wants to send a call to your SIP server establishes a connection to your server.
Your server examines the socket information to find the IP address of the server at the other end of the connection.
Your server creates a special “pseudo-hostname” by reversing the order of the components of the IP address, then concatenating them with the domain name of the blacklist:
If the incoming IP address is 18.104.22.168 and the name of the blacklist is vdnsbl.net, then the resulting “pseudo-hostname” is 22.214.171.124.vdnsbl.net
Your server does a regular DNS lookup of the pseudo-hostname 126.96.36.199.vdnsbl.net. If it resolves, then the owner of the blacklist considers the host 188.8.131.52 to be a blocked user. If the lookup doesn’t resolve, then the IP address isn’t blacklisted. For those IP addresses which appear in the black list the VoIP DNSBL may optionally store a standard TXT RR at the same name giving some explanation for the black listing.
A common misconception is that an caller whose IP address or callerid is listed is ‘blocked’ from sending out calls. In fact callers are in no way prevented by VDNSBLs from sending calls. We does not tell a third-party VoIP system what to do with a VoIP call, the third-party VoIP system asks VDNSBL for an opinion and VDNSBL responds to that request with its opinion. In effect the receiving VoIP server asks the VDNSBL “Does this caller’s IP Address exist on the VDNSBL database?”, the VDNSBL simply responds with a “Yes” if present or, if not present does not respond at all (no response means “we have no opinion on that IP Address”).
There will be several ways to feed the blacklists, more details will be published as soon as we are ready with the web GUI for this service. The service will be free of charge for everybody. Voice fraud is a common thing today, please check out http://voicefraud.com/
Your suggestions are always welcome! We want to say thank you for your continued liking and sharing. If you haven’t liked this post yet, you may do that by hitting the buttons just below. If you are a blogger and you appreciate the hard work, whether or not you copied this post, we implore you to kindly link back this post here, you may do it anyhow you can. We consider that a great contribution.