Businesses must register their text usage, or outbound texts will be blocked. Learn More

Products

Communications platform

Cloud

Hybrid

On-Premises

Business collaboration

Team collaboration

Video conferencing

Contact Center as a Service

Productivity apps

Phones & hardware

Managed security

Managed network & connectivity

Managed Power

Open source

Carrier SIP trunking services

Not sure how we can help your business?

Talk with an expert

Solutions

Education

Healthcare

Hospitality

Manufacturing

Retail

Solutions Built for Your Industry’s Unique Needs

Talk with an expert

Partners

Partners program

Find a partner

Solutions Built for Your Industry’s Unique Needs

Talk with an expert

Resources

Contact us

Help center

Security

Accessibility

Legal and policies

Blogs

Success stories

Important links

Events

Need help? Get support in seconds

Go to Help Center

Company

About us

Leadership team

Sangoma locations

Investors relations

Financial results

Press releases

Careers

Contact us

Join us in building the future of communications

Partnership program

Get support

Help Center

Contact Us

+1 855 280 0020 — North America (Toll Free)

+1 941 960 8300 — International

Find a partner
Book a call

Sangoma Blog

Do-Not-Originate (DNO): Why ITSPs Must Act Now to Stay Compliant, Protect Their Networks, and Restore Trust in Voice Calling 

author
Leo D'Alessandro

Share

Share by E-MailShare on TwitterShare on LinkedIn
Do-Not-Originate (DNO): Why ITSPs Must Act Now to Stay Compliant, Protect Their Networks, and Restore Trust in Voice Calling 

In the past decade, the voice industry has faced one of its greatest challenges: a relentless surge in spoofed calls, impersonation scams, and fraudulent call origination. Consumers are overwhelmed. Enterprises are alarmed. Regulators are enforcing harder than ever. 

And, most importantly, the trust that once defined the public telephone network is quickly eroding. 

STIR/SHAKEN helped, but it did not stop fraudsters from exploiting a deeper vulnerability: 
spoofing numbers that should never originate calls in the first place. 

What Exactly Is Do-Not-Originate (DNO)? 

At its core, DNO is simple: If a number should never be used to make an outbound call, carriers must block any attempt to originate from it.  This includes: 

-> Government hotline and agency numbers
-> Financial institutions’ inbound-only numbers
-> Enterprise customer support lines
-> Numbers reserved for routing, testing, or internal use
-> Unassigned, unused, or invalid numbers
-> Numbers where the legitimate subscriber explicitly requests blocking    

Fraudsters love these numbers because they instantly create credibility. If you spoof the number of a bank’s fraud department, the victim is more likely to answer. If you mimic a government agency, people comply out of fear. 

DNO prevents these attacks at the network edge, before illegitimate calls ever enter the ecosystem. 

Why DNO Matters More Than Ever 

Voice fraud is no longer random; it is industrialized. Organized groups use automation, bots, and large-scale spoofing to impersonate trusted institutions and exploit vulnerable populations. 

Here’s why DNO is now indispensable: 

1. Caller impersonation is the #1 method of fraud

Most high-impact scams begin with spoofing: IRS, CRA, banks, utilities, insurance companies, hospitals, etc. 

2. STIR/SHAKEN doesn’t solve the “number legitimacy” problem

STIR verifies the identity of the signer, not whether a number is allowed to originate. Fraudsters often use real, valid numbers that were never meant to place calls. 

3. Consumers have lost trust in voice

Spam calls have conditioned consumers to ignore unknown numbers, even legitimate ones. 

4. Upstream carriers are tightening filters 

If your outbound traffic contains suspect calling numbers, you risk being: 

-> Blocked
-> Rate-limited
-> Flagged for remediation

5. Enterprises expect protection 

Large enterprises want carriers to guarantee their inbound-only numbers are never weaponized by criminals. DNO is the only scalable way to deliver that promise. 

The FCC Responds: The New Mandatory DNO Rules 

To strengthen the nationwide call authentication framework, the FCC expanded its robocall mitigation program under the Eighth Report & Order, creating a new, explicit requirement for all voice providers. 

The mandate: By December 15, 2025, every provider must: 

✔ Maintain and enforce a “reasonable” DNO list 
✔ Block calls originating from numbers that should not originate 
✔ Apply DNO enforcement at the originating, transiting, and terminating stages 
✔ Support subscriber-requested DNO blocking 
✔ Demonstrate ongoing list maintenance and compliance readiness 

This applies to everyone in the call path: ITSPs, hosted PBX providers, CLECs, CPaaS platforms, UCaaS vendors, wholesalers, and national networks. 

What the FCC did not provide: 

❌ Centralized DNO dataset 
❌ Minimum list definition 
❌ Prebuilt integration framework 

Providers must build or source their own solution, fast. 

The message is clear: DNO is no longer optional. It is a regulatory obligation. 

Why DNO Is Hard for ITSPs to Implement In-House

While DNO sounds simple in theory, the execution is complex: 

1. No official list means you must build your own 

Providers must aggregate and normalize multiple data sources:

-> Invalid/unassigned numbers
-> Reserved ranges
-> Vacant NPA-NXX blocks
-> ITG DNO Registry
-> Routing-only numbers
-> Customer-specified DNO entries 

Engineering this internally can take months. 

2. Lists must be updated constantly 

DNO data changes daily. Failing to update means:

-> Fraudulent calls may slip through
-> Legitimate calls may be incorrectly blocked
-> You risk FCC audit failure 

3. Integration into call flows is technically involved 

This requires: 

-> Query logic
-> Routing variants
-> Failover behavior
-> Detailed logs for audits 

4. Implementation timelines are long 

Most ITSPs report 6–12 months to build DNO functionality themselves. 

5. Mistakes are costly 

A single high-profile spoofing incident from your network can destroy trust and trigger regulatory scrutiny. 

This is exactly why many providers are turning to managed, turnkey DNO services. 

Introducing Sangoma’s Turnkey DNO Compliance Service

To help carriers and ITSPs meet the FCC mandate with speed and simplicity, Sangoma has launched a fully managed Do-Not-Originate Compliance Add-On for providers already using our STIR/SHAKEN service (NSS v1/v2)

This service is specifically designed to eliminate the engineering and operational burden of DNO compliance.

How Sangoma’s DNO Service Works

Your NSS v1/v2 server performs a DNO dip during call processing, just like your STIR/SHAKEN queries today. 

-> No new infrastructure
-> No list servers to maintain
-> No coding or routing changes
-> No internal DNO dataset to build 

We handle the intelligence. You stay compliant. 

Powered by an Enriched, Daily-Updated DNO Dataset

Sangoma partners with Sansay to deliver a comprehensive, continuously updated DNO list that includes:

-> Invalid NPAs
-> Unallocated & reserved NPA-NXX
-> Vacant NPA-NXX-Y
-> ITG DNO Registry data
-> Routing-only number designations
-> Proprietary fraud-intelligence enrichment 

This ensures you are always using a “reasonable,” complete, and current DNO list as required by the FCC.

Why Sangoma’s DNO Solution Is the Best Path to Compliance

Here’s what makes Sangoma uniquely valuable for ITSPs, carriers, and CPaaS networks: 

1. Fastest time to compliance: Be fully compliant in days, not months.
2. Zero engineering effort: NSS already supports the workflow, you simply enable the add-on. 
3. No list maintenance: We aggregate, normalize, and update all DNO data daily. 
4. Strongest fraud prevention: Enriched intelligence blocks more spoofed attempts and protects your brand. 
5. Built for carrier-grade environments: High-volume, low-latency, highly accurate. 
6. Fully aligned with FCC requirements: Everything you need for audit-ready compliance. 
7. Reduces operational incidents: Fewer customer complaints, fewer escalations, and fewer fraud disputes. 

If you already use Sangoma STIR/SHAKEN (NSS v1/v2), you are one switch away from effortless DNO compliance.  

To learn more or enable DNO, contact Sangoma Carrier Voice today

Stay updated. Subscribe to our newsletter

Be the first to receive updates on the latest trends, insightful articles, and exciting offers straight to your inbox.

Learn why Sangoma is the right choice for your business needs.