Using Nomorobo to block calls in Asterisk

Nomorobo is a fantastic service. It’s not perfect; plenty of illegal phone spammers are using throwaway numbers and/or illegally spoofing caller ID numbers to make calls that appear to be from random numbers — usually in your own area code. Short of using a strict whitelist, I don’t see a real way to get rid of those. Using Nomorobo, though, will dramatically cut down on the number of junk calls you will receive.

There’s a little problem, though… while many phone providers offer the service (we’ve been using Ooma), they don’t appear to offer the service to individuals or small businesses who run their own phones.

I ran my own Asterisk PBX for several years, supporting our home phones as well as a separate line I used for work, and even a toll-free number for my side business. Life was good for quite a while, but eventually it got to be quite a hassle trying to keep up with all the junk calls. Then my VOIP carrier changed their pricing to make them much less attractive from a cost standpoint. Eventually we switched to Ooma. They’ve been good, but not without issues. The Telo Air occasionally loses communication with the mothership, and if you don’t see the red light you won’t know that your phones aren’t working. The cost has gone up, now running over $20 per month for the Ooma Premier, which includes what I consider to be some pretty basic features — like call blocking, for example.

Now we have some family members who need a home phone, but I just can’t bear to see them get roped into paying really stupid monthly costs for a simple phone line. That, and our Ooma service is getting more expensive and (it seems) less reliable by the year. Time to switch back. But how can I keep Nomorobo? It would be a tough sell to do without that!

Well, Twilio to the rescue! They offer a Nomorobo lookup API that costs a tiny amount per lookup — $.003, or 0.3 cents per incoming call lookup. Conversely, that’s 333 lookups per dollar. Not bad, I’ll gladly pay that to avoid taking telemarketing or scam robocalls. Now, if only we could get Nomorobo to list all of the numbers used by political “push polls”, recorded messages, and other political campaign silliness!

Twilio’s call rates are not outrageously high either, and their monthly costs for DIDs (phone numbers) are pretty reasonable. The only thing I’ll fault them on is too much hassle to set up CNAM for your outbound calls, so unless you go through that process everything shows up as the number only with no CID name. Flowroute is MUCH better for this, so I route most of my outbound calls through them.

So — how to get Asterisk to do the lookup? After several hours of playing around with this, I found that it’s pretty easy to do. While it wouldn’t be terribly helpful (or smart) for me to post my entire dialplan here, I’ll include enough to get you going. I put this very near the top of the context I use for incoming calls from PSTN trunks. There’s no sense in burning CPU cycles on a call if you’re just going to drop it anyway.

First, you’ll need a Twilio account. They’re even nice enough to give you some credit on your account if you’re new, and it’s enough for quite a bit of learning and development work. I funded my account so I can use them for international calls — they’re ridiculously cheap for most destinations. They’re also a good solution if you want to get DIDs in countries outside the US.

Once you have a Twilio account established, use your account SID and auth token to set CURLOPT() with your username and password. This will be used in the next line to make the curl call to the API:

same = n,Set(CURLOPT(userpwd)=username:password)

Now, make the call to Twilio’s API to get the spam score. The result is a block of JSON that gets saved as TWILIO_RESULT:

same = n,Set(TWILIO_RESULT=${CURL("${CALLERID(num)}?AddOns=nomorobo_spamscore")})

Since we’ve got a block of JSON, we’ll need to extract the one wee bit we need. Fortunately Asterisk has a solution for that as well, so we don’t need to resort to anything drastic like a shell command:

same = n,Set(SPAMSCORE=${JSON_DECODE(TWILIO_RESULT,add_ons.results.nomorobo_spamscore.result.score)})

Now we use that result to drop the call if it’s spam. A simple Hangup(2) tells the caller that their call was rejected:

same = n,GotoIf($[ ${SPAMSCORE} = 1]?dropcall)

Later in the dialplan, after we’ve done the whole “call the user, drop to voicemail if they don’t answer, yadda yadda yadda” we have this:

same = n(dropcall),Hangup(21)

The Hangup(21) tells that their call was rejected. There are other, even more creative codes to use… like these (list courtesy of

  • 1 – Unallocated number
  • 22 – Number changed
  • 27 – Destination out of order
  • 38 – Network out of order