Blocking Calls in Lync Based on Caller ID

Sometimes you have to rely on others when you don’t poses the skills your self, well maybe this was more like hope someone comes to my rescue. This week I got a question about blocking caller ID. I knew what to use to solve it but didn’t know how to write the code. Luckily for me Keith from Got UC was able to help me out. Below is a MSPL script for blocking calls in Lync based on caller ID. Keith has also posted the code on gotUC as well.  I have also created a link to my SkyDrive so people can download it rather than copy and pasting from the post which can screw the code up.

One thing you will notice about the script is that you will need to create a text file called BlockedTelephoneNumbers.txt. This file contains the blocked telephone numbers with two columns. One is the telephone number and the second is the action which in this case only requires the word “block”. Also static="false" is set which means when you make a change to the script it will reload it so no need to do any manual restarts of the application in Lync.

This is a pretty simple script that only blocks on the inbound caller id and does no other checks. Hopefully you only block the right numbers. You can also add some checks to this script. Only invites from the mediation server is one that comes to mind. This would block only calls from the PSTN and would avoid the script checking every single invite against the file which could get quite large.

So the potential to add some more checks and balances are possible but this script presents a great base to build a more complex call blocking process.

<?xml version="1.0"?>
<r:applicationManifest r:appUri="" xmlns:r="">
  <r:requestFilter methodNames="ALL" strictRoute="true"/>
    <r:responseFilter reasonCodes="NONE"/>
    <r:file name="BlockedTelephoneNumbers" path="C:\Work\TelFilter\BlockedTelephoneNumbers.txt" delimitedBy="comma" keyColumnName="Phone" static="false">
        <r:column name="Phone" />
        <r:column name="Action" />

Module Name:   
    // Main program.
    Log ("Debugr", false, "We have a request - ", sipRequest.Method);
    Log ("Debugr", false, "From - ", GetUserName(GetUri(sipRequest.From)));
    Log ("Debugr", false, "To - ", GetUserName(GetUri(sipRequest.To)));

    action = BlockedTelephoneNumbers[GetUserName(GetUri(sipRequest.From))].Action;
    if(action == "block")
           Log ("Debugr", false, "Exit. Rejected by policy");
           Respond(403, "Forbidden");
           Log ("Debugr", false, "Exit. Allowed by policy");

Click below to download code:

MSPL scripts are a great tool. If you want to learn more check here. If you have a script you are willing to share let me know. Here is another example of MSPL use here.

Comment welcomed.



  1. Hey Norman, great blog, just had a question about this script. We are trying to get this to work in our environment and want to run the script from a share on another server (so we don't have to update the caller id list multiple times for our front ends). Is UNC supported with this approach? I ask because we have the script running, phone numbers added in the same format as they appear coming from our Gateway, but nothing happens.

  2. I would try without it first to see if it works first and that will tell you if the UNC is the issue. I see no reason why it shouldn't work as long as the script can access the share.

  3. Appears that the GotUC blog has gone..... :-(

  4. So, i know nothing of what's discussed here. Can this script be run on an individual machine? If so, where does it need to be located? Are the "columns" in the text file separated by a space or tab?

  5. Hi,

    Please kindly help me with this situation. I have a LYNC server 2013 standard that is implemented to use only by domain users. All users are in a LAN environment and if an external user needs to use LYNC they need to connect to the LAN via a VPN. I need to restrict or allow certain users to a Lync user so that user can only be able to communicate with the allowed users.

    for an example:-

    If i have 4 users in my LYNC environment as A, B ,C and D i need to enable user A to communicate only with B and C. Not with D and even user D cannot communicate with A. This is simply my CEO requires me to configure that only certain users (Top level managers) to communicate with him and not staff employees. Likewise manages only with bottom level managers and so and so on. Actually it's because even by accident an unwanted call may be generated to the CEO by a staff user.

    I already tried "Configuring Enhanced Presence Privacy Mode" and in that scenario if user D is not in user A's contact list user D sees user A as offline but if user D generates a call still user A will be buzzed.

    I couldn't find a way to add user B and C as allowed user to user A or vice versa like Block user D to user A.

    Please help me in this to configure. Thanks in advance.


  6. Can you please inform me as to where this script gets applied so it will work?

  7. Anyone able to get this script to work in Lync 2013. This scripts runs perfectly on lync 2010, but not 2013.

  8. Vakhtang AssatrianMarch 20, 2014 at 9:03 PM

    I have modified the original script and now it works on 2013:

    1. hi Vakhtang did it work for u on lync 2013 server ? could you send me an example how did u make it worked ? it would be very appreciate thank you att matheus

  9. Vakhtang AssatrianMarch 20, 2014 at 9:05 PM

    upps, did not take the script. I will email to Chris so he can re-post

  10. Hi... could you be so kind to make script working on Lync 2013 public?
    Thanx :)


Note: Only a member of this blog may post a comment.