Three actions can be taken:
1. Change:
Voice Services -> SP1 Service -> X_UserAgentPort : 5060
5060 is the most likely target as it's a standard SIP "listening port". I would change all the UserAgentPorts to some obscure range, maybe 5470, 5471 etc.
2. Set a good InboundCallRoute trap on each sp. Currently I'm using:
Voice Services > SP1 Service > X_InboundCallRoute:
{(?|@|@@|@@@|@@@@|@@@@@|@@@@@@):},{ph}
This stops calls with no CallerID and any CallerID with less than seven alphanumeric characters. CallerIDs such as 100, 1001, test1, admin etc are stopped.
3. Configure:
Service Providers -> ITSP Profile x -> SIP -> X_AccessList
Quote from RonR:
QuoteIt's possible for calls to come directly into your OBi. The OBi accepts SIP URI calls addressed to <anything>@your_ipaddress:5060 if SP1 is configured for SIP and <anything>@your_ipaddress:5061 if SP2 is configured for SIP.
You can prevent unauthorized SIP activity by configuring:
Service Providers -> ITSP Profile x -> SIP -> X_AccessList
with a list of IP addresses authorized to communicate with that particular SPx Service.
Generally, this list contains your service provider's IP address and the IP addresses of anyone you expect to get SIP URI calls from.
I have found just using items 1 and 2 above was enough to stop all nuisance calls.
It is odd how the spam calls always come in the early hours of the morning, no matter what time zone you live in