The Challenge of Filtering SPIT TrafficThe Challenge of Filtering SPIT Traffic

Dan York presents a conundrum: Once VOIP has reached critical mass in the enterprise, how will you filter out SPIT (spam over IP telephony) while allowing legitimate traffic such as notifications to go through?

Dan York presents a conundrum: Once VOIP has reached critical mass in the enterprise, how will you filter out SPIT (spam over IP telephony) while allowing legitimate traffic such as notifications to go through?I moderated a session at Interop New York last year in which Dan and Jonathan Rosenberg of Cisco pointed out that SPIT hasn't been a major problem yet, primarily because there simply hasn't been this critical mass of IPT endpoints, in both the enterprise and consumer world, to make it worth the spammers' effort to send out the SPIT traffic. But that will inevitably change.

And when it does, you'll probably need some systems to filter SPIT so it doesn't overwhelm your enterprise network. But there may be legitimate notifications or other large-scale message transmissions going out to your employees--so how do you make sure this gets through?

Dan has submitted an Internet Draft on the matter. He points out that scenarios like emergency notification could potentially generate traffic flows whose characteristics resemble a SPIT incident.

Assuming that you wind up implementing some type of "SPIT filter" (there's a mental image for first thing in the morning!), I wonder if you couldn't just "white list" certain SIP addresses, like a spam filter does with email. Of course, given the types of legitimate scenarios that Dan describes, you'd have to make sure this capability functioned perfectly--I mean, perfectly.

Dan's inviting comments on his draft.