Just been contacted by a UK Enum registrar looking for ITSPs to become resellers of their Enum registration systems ... Is anyone using Enum? Does anyone (other than cynical old me) think that Enum is a spammers best friend? Has anyone received a spam VoIP call yet? (ie. one placed directly over the Internet aimed at a SIP URI to a PBX which allows anonymous incoming calls?) I can see that Enum is good to provide another way round the PSTN, but at the same time, I'm just not convinced... What do others think? Gordon
I think an equally interesting question is whether the Federal Trade Commission (and foreign equivalents) draw a distinction between calls to E.164 numbers based on their transport technology. In other words, is there a legal difference depending on whether the call touches the PSTN vs. being looked up in an ENUM directory with Pure IP transport? If you are an attorney, please chime in. I'm not an attorney, but I suspect the answer would be that there is no distinction. I know the definition of "phone call" is a moving target these days, so perhaps today's legal answer will be different tomorrow. On the other hand perhaps the legal question is completely moot. The zero-cost nature of SPIT might make it like SPAM wherein the fact that it violates many laws in most countries is ultimately of no consequence. Will this ultimately come down to a technical arms race like we see with SPAM? . December 21, 2012 ----- Original Message ----- From: "Gordon Henderson" <gordon+asterisk at drogon.net> To: "Asterisk Users Mailing List Discussion" <asterisk-users at lists.digium.com> Sent: Tuesday, July 14, 2009 9:14 AM Subject: [asterisk-users] Is Enum safe from spammers?> > Just been contacted by a UK Enum registrar looking for ITSPs to become > resellers of their Enum registration systems ... > > Is anyone using Enum? > > Does anyone (other than cynical old me) think that Enum is a spammers best > friend? > > Has anyone received a spam VoIP call yet? (ie. one placed directly over > the Internet aimed at a SIP URI to a PBX which allows anonymous incoming > calls?) > > I can see that Enum is good to provide another way round the PSTN, but at > the same time, I'm just not convinced... > > What do others think? > > Gordon > > _______________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >
2009/7/14 Gordon Henderson <gordon+asterisk at drogon.net<gordon%2Basterisk at drogon.net>>> > Just been contacted by a UK Enum registrar looking for ITSPs to become > resellers of their Enum registration systems ... > > Is anyone using Enum? > > Does anyone (other than cynical old me) think that Enum is a spammers best > friend? > > Has anyone received a spam VoIP call yet? (ie. one placed directly over > the Internet aimed at a SIP URI to a PBX which allows anonymous incoming > calls?)To my surprise, a friend who got himself registered in such Enum registers never received a single Spam call. But I do agree, it might be a question of time> > > I can see that Enum is good to provide another way round the PSTN, but at > the same time, I'm just not convinced... > > What do others think? > > Gordon > > _______________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >-------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20090715/914a3808/attachment.htm
Gordon Henderson schrieb:> Just been contacted by a UK Enum registrar looking for ITSPs to become > resellers of their Enum registration systems ... > > Is anyone using Enum?Yes.> Does anyone (other than cynical old me) think that Enum is a spammers best > friend?I think ENUM will not cause SPIT, but it can increase the efficiency.> Has anyone received a spam VoIP call yet? (ie. one placed directly over > the Internet aimed at a SIP URI to a PBX which allows anonymous incoming > calls?)No.> I can see that Enum is good to provide another way round the PSTN, but at > the same time, I'm just not convinced... > > What do others think?SPIT (VoIP SPAM) is basically not a problem of ENUM, but of the communication protocol (SIP, H323, IAX, XMPP). E.g. SIP was developed with the same idea as SMTP: open connectivity - everybody can send a message to everyone with the need of peering agreements (thus, free of charge). Of course this introduces the same problems as SMTP has. Unfortunately the designers of SIP did not searched for a solution for this problem. Now, there is SIP-Identity which would allow (would, because nobody uses it) authentication of the caller - which is the basis for black/whitelists. H323 and IAX might be different, but they also allow to have unauthenticated calls. So, as soon as you operate your VoIP environment in a "open" way (regardless if it is SIP, XMPP ...) you are vulnerable to SPIT - even if you do not have ENUM provisioned for your local extensions. ENUM can be used by crawlers to find out valid VoIP URIs and can help SPITting, but in the end the problems is on the SIP level and must be solved there. regards klaus