Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spam Over Internet Telephony (SPIT) to Come?

Posted by michael on from the argh dept.

grub writes "According to this article on NewScientist.com 'Spam and spim - spam by instant messenger -- are about to be joined by "spit" - spam over internet telephony' Yup, spam via VoIP."

3 of 194 comments (clear)

  1. Screening calls? by October_30th · · Score: 4, Informative
    I already screen my cellphone calls. If the caller ID is "unknown" (which is the case for most telemarketers) or if it is a foreign number that I don't recognize, I won't answer it.

    If telemarketers leaving voice mail becomes a problem, I'm sure that's quickly addressed by the service provider (=store no voice mail from abroad or from unknown numbers).

    --
    The owls are not what they seem
  2. Re:Why so surprised? by Anonymous Coward · · Score: 4, Informative

    Real spammers get paid based upon click through/purchase rate. There is money to be made unfortunetly.

  3. No surprise, but let's get some tools by Frater+219 · · Score: 4, Informative
    Email systems developers have come up with a number of tools to reject email abuse:
    • Local access lists. Every serious SMTP MTA supports access control based on IP address, reverse DNS, attested address (HELO), and so forth.
    • DNSBLs and other sorts of published blocklists. A DNSBL is nothing but a site's IP-address access list, published over the DNS so that others can use it.
    • Protocol enforcement techniques such as greylisting. Greylisting tests that the sending host is willing to make the effort of retransmitting, as required by the protocol.
    • Content filtering. Even a server-side antivirus program is a content filter; much more so the statistical filters often used today.
    • Multi-site statistical tools. Vernon Schryver's DCC and Vipul's Razor come to mind.
    • Traffic limiting. ISPs can restrict the number of SMTP messages a host can send per day or hour.

    Many of these techniques can be adapted to VoIP systems. I am surprised that SER and Asterisk do not already support DNSBLs -- even if there is no call for them yet, we will certainly need published lists of abusive hosts or networks within a few years.

    The flexibility with which one can express access restrictions is an important part of any system's security. My workplace is just starting a VoIP deployment. I want to be able to say things like:

    • No single outside host may make calls to more than 50 different destinations in a day.
    • No host may send more than ten pending SIP invites at any time. (Prevent predictive dialing!)
    • No host may send SIP IMs to more than 20 addresses in the same minute.
    • After an inbound call is completed, the recipient can dial *666 on our Asterisk PBX to report it as an abusive call. If five different addresses report abusive calls from the same originator, that originator is flagged and blocked for 24 hours.