A downside of easily configurable PBX systems combined with ubiquitous internet is a plague of unwanted robocallers. Billions of calls are now made annually to people and businesses with the intent to sell services or, worse, scam them out of some money.
FreePBX has had the ability to blacklist callers for a long time. Unfortunately the blacklist works only when the inbound number is consistent. But these days very few telemarketing companies and scammers use the same CallerID number for each call, making the backlist ineffective for these callers.
This is where whitelisting comes in. Each call on an inbound route gets its number vaidated against a whitelist that can be pre-seeded during setup with a list of known good numbers and names, and is then built up over time. The validation returns one of three results:
- Success: The number is on the whitelist
- Softfail: The number is not on the whitelist but the CallerID name looks good
- Hardfail: The number is not on the whitelist and the CallerID name looks suspicious
The FreePBX administrator can choose what happens for each of these results.
Here is the source code for the Whitelist-AGI script