Skype for Business–Block Call Identified as Malicious
For a long time there has been a little used feature within Lync and Skype for Business that allows end users to highlight a nuisance voice call to the administrators called Malicious Call Trace (MCT). MCT basically allowed the end user to report a call immediately after hanging up which would register in the call detail records database as a trouble call. This information could then be used by Skype for Business administrators to highlight potential issues and act accordingly. Often acting accordingly means not doing much, not because you don’t want to, but because you can’t. Whether that is time or money, they are usually the two main factors. Skype for Business doesn’t provide any administrative blocking options for incoming numbers, instead relies on end users keeping their relationships up to date and/or some third party tool that costs $$.
So until now, report a call feature is just a courtesy “hand in the air” announcement from the end user to the admin that they are receiving unwanted calls. It doesn’t actually prevent the caller from calling back. At some point, the end user is going to get frustrated, and force you to take action. This probably will be to assign a new DDI to the user. But this means that some one else may get the problem call, and eventually the caller if persistent will find out the new number and the cycle begins again. This is where you need a call blocking solution.
A while back fellow community contributors Chris Norman (VoipNorm) and David Paulino (UC Lobby) made a call blocking script based on Caller ID. This script was based on MSPL scripting used within Lync and Skype for SIP processing. So I thought, wouldn’t it be cool if somehow I can grab the malicious calls from the CDR database and add them to Chris & David’s script so that when a user reports a call, the caller ID is blocked from subsequent calling attempts?
Introducing Simple Call Blocker
Simple Call Blocker leverages the code from UCLobby’s version of the CallerIDBlock tool and ties together information from the CDR database to identify malicious calls and add them to the block list without administrative input. Meaning admins now won’t need to care about problem calls. A user reports a call as malicious, the block list gets updated within a few minutes and bang! no more nuisance calls from that caller for the entire company!
I say Simple, because the block is permanent and affects all users. Depending on the uptake I may add more options to this to provide more granularity in the future.
- Front End Pool FQDN to register server application to
- Pool File Share FQDN and Share name to host the block scripts
- Skype for Business or Lync 2013
- Malicious Call Trace Enabled for the user in Voice Policy
- CDR database deployed
- CDR archiving enabled
The supplied Installation script is recommended to run on a front end server.
Please also note that this solution is not stress tested, and therefore suited to small to medium scale deployments. Large deployments, you may want to edit the MSPL script to only process SIP messages from the Mediation Servers to avoid excessive SIP processing time across all modalities.
Installation and Demo
- Open Adminstrative PowerShell and set your working location to the full path of the SimpleCallBlocker folder e.g. Set-Location “C:\scripts\SimpleCallBlocker”
- Execute the Install-SimpleCallBlocker.ps1 file by typing in .\Install-SimpleCallBlocker.ps1
- Enter your Front End Pool FQDN, File Share Location, SQL Archiving Server FQDN and SQL Instance Name if you are not using the Default and Press Install Now
- Once Installed, check the Skype Share location for a folder called SimpleCallBlocker. In there, you should have a two files, BlockedTelephoneNumbers.txt and CallerIDBlock.am
- The BlockedTelephoneNumbers.txt will already be populated with any previous malicious calls logged in the CDR database
- There should also be a Scheduled Task created called SimpleCallBlocker, and scheduled to run every 10 minutes. This calls a PowerShell script located in C:\SimpleCallBlocker located on the machine with the scheduled task installed. This script is responsible for collecting the information from the database and updating the BlockedTelephoneNumbers.txt file
- Next, check that the server application has been installed on each front end
- After about 5 or 10 minutes of installation you should see an event registered in the Lync Server Event log that lets you know the server application has been successfully registered
- After this Simple Call Blocker is ready to work
Download Script Here: https://gallery.technet.microsoft.com/Skype-for-Business-Auto-745b2159
Mark is an Independent Microsoft Teams Consultant with over 15 years experience in Microsoft Technology. Mark is the founder of Commsverse, a dedicated Microsoft Teams conference and former MVP. You can follow him on twitter @UnifiedVale