Spam over Internet Telephony (SPIT)

There is rising concern that misconfigured voice gateways, … will lead to increased IP telephony spam (unsolicited bulk messages).

One solution is using speaker recognition and then checking to see of this speaker is on:

A white list (automatic accept),
a black list(automatic reject), or
unknown (message could be recorded and the user listens to it later and then adds the user to their white or black lists).

See for example [Mukundan 2005].

Issues of SIP and SPAM and solutions in addition to the above are discussed in [RFC 5039].

Slide Notes

Ranjith Mukundan, “Media Servers and App Servers: Insights from IP Services Research and Proof-of-Concept Implementions”, SIP Summit 2005, Honolulu, Hawaii, 18 January 2005. http://www.wipro.com/pdf_files/SIP_ Links to an external site.S Links to an external site.ummit_2005_Wipro-MediaSrv-AppSrv_PPT.pdf Links to an external site.

J. Rosenberg and C. Jennings, “The Session Initiation Protocol (SIP) and Spam”, Internet Request for Comments, RFC Editor, RFC 5039 (Informational), ISSN 2070-1721, January 2008, http://www.rfc-editor.org/rfc/rfc5039.txt Links to an external site.

Transcript

[slide419] We talked yesterday a little bit about spam over IP telephony, or SPIT, and the idea of having a white list. You automatically accept those calls. A black list, you block them. And an unknown list. So, for example, some people have an approach where the first time someone calls you, they get a puzzle they have to solve. If they correctly solve the puzzle, you'll add them to your list so that they can get through and communicate with you. If they don't solve the puzzle, you don't let them in. Right? That's often enough to prevent the spitters from disturbing you. But it's an interesting area.