Filter by raw uncleaned handle (Support for malformed SIP headers in Russia)

[MLNekit]

The feature

Is your feature request related to a problem? Please describe.
Yes. Recently, a new regulation was introduced in Russia requiring companies to transmit their legal name during calls. However, the technical implementation by some VoIP providers and operators is buggy.

Instead of sending the name in the callerDisplayName field, they transmit a raw SIP header directly in the number field (handle).

Example of a raw incoming call handle:
ИТ"<tel:79602594529
or
ООО Легалтэк"<tel:79602594529

The Issue:
Currently, SpamBlocker seems to normalize/clean the phone number (stripping non-digit characters) before applying Regex rules.

1. App receives: ИТ"<tel:79602594529
2. App cleans it to: 79602594529
3. My Regex rule .*ИТ.* fails because the text "ИТ" was stripped during step 2.

Describe the solution you'd like
I would like an option to apply Regex filters to the raw handle string (callDetails.handle.schemeSpecificPart) before it gets normalized.

This would allow users to block calls based on these "leaked" text patterns (like company names) that appear inside the number field.

Additional context
This pattern is becoming very common in Russia (spam from legal entities). The standard Android dialer displays this garbage text, so the app definitely receives it.

If possible, please add a switch in regex settings: "Apply to raw handle".

[aj3423]

It's already supported:

[MLNekit]

Thank you for the quick reply. I've already tried that setting, and it hasn't helped much so far, but I will continue trying it. Thank you again.

[aj3423]

It doesn't work?
I don't know much about the SIP thing, what appears in this app's call history? Does it show as ИТ"<tel:79602594529 ?

The raw number is obtained using callDetails.handle.schemeSpecificPart

SpamBlocker/app/src/main/java/spam/blocker/service/CallScreeningService.kt

Line 37 in 279ae3d

rawNumber = handle.schemeSpecificPart

There shouldn't be any problem.

[MLNekit]

In the standard calling application, the incoming call displays the contact name as "ООО Легалтэк: ИТ" along with the phone number.

I checked call logs, and the entry looks approximately like this:
id,name,number,duration,date_24h,date_12h,type,sim_info,country_iso,geocoded_location,via_number
1302,ООО Легалтэк: ИТ,+79062588084,0,2025-11-25 11:14,2025-11-25 11:14 AM,MISSED,SIM 2,RU,Russia,
1301,ООО Легалтэк: ИТ,+79626916382,0,2025-11-25 09:13,2025-11-25 09:13 AM,REJECTED,SIM 2,RU,Russia,

However, in the blocking application itself, the caller ID is displayed as ИТ"<tel:79602594529.

It is possible that I set the rule incorrectly, which is why the call passed the filters. I will try to set it up differently and will be able to tell you tomorrow whether it helped or not.

[aj3423]

in the blocking application itself, the caller ID is displayed as ИТ"<tel:79602594529

This means callDetails.handle.schemeSpecificPart == ИТ"<tel:79602594529.

As you mentioned, they don't use the callerDisplayName, they put everything directly in the number field, so this whole thing is the number:
"ООО Легалтэк: ИТ"<tel:+79626916382>

From the doc, it's parsed as a Uri:

I did a test and it showed similar result:

So this is all about how to parse this Uri, I can't simply use this schemeSpecificPart, there needs to be a better parser.
Will fix later.

[aj3423]

I forgot that the handle Uri is parsed by the OS, the prefix "ООО Легалтэк: is already stripped/lost when it reaches this app. I can only fix the malformed format by replacing ИТ"<tel:+79626916382> with +79626916382. But what you want is blocking by display name, such fix wouldn't help.

Are you sure the callerDisplayName is empty? If you want, I can build a test apk to log this field. If the field exists, then we can add a new regex mode "Display Name" to block by the display name instead of the number.

Anyway, if you just want to block this ИТ"<tel:+79626916382>, your regex .*ИТ.*(Raw Number mode) should work.

[MLNekit]

I think there are a couple of issues at play here.

First, I recalled that I used the regular expression .*ИТ".* in my attempts, and I suspect the double quote mark (") was the primary reason why that specific rule failed to yield any result, even if the feature was working correctly.

However, even if I fix the RegEx, the core problem remains: the incoming call name is not displayed fully inside the app’s internal logs, or the raw string lacks the necessary detail. If I use a simple filter like .*ИТ.* on the raw string, there is a significant risk of blocking calls from other companies that I do not want to block (false positives).

[MLNekit]

[aj3423]

Two issues here:

1. The rule .*ИТ.* isn't triggered with number ИТ"<tel:+79626916382>, which it should.
   Just to confirm, if you run a test against this number ИТ"<tel:+79626916382>, in the log, do you see that rule is checked?

2. The full display name
   As Android doesn't provide the full name to this app, the handle Uri is already truncated, our only chance is the callerDisplayName, currently it's not checked in this app, maybe it's filled by the OS, we should check it first.

   • If it exists, then problem solved.
   • If it doesn't exist, then we can do nothing, there's no way to obtain the full display name, I'll fire an issue to google.

   Here's a test apk: https://github.com/aj3423/SpamBlocker/actions/runs/19672188390, this apk will show displayName|number when the display name exists. Next time you receive such a call, see if the history log is something like: ООО Легалтэк: ИТ|ИТ"<tel:+79626916382>.

[MLNekit]

Regarding the first point, I must clarify that the entire issue was actually on my end, not with the application. It seems the application was working correctly from the very beginning, and I was simply using the regular expression incorrectly. My apologies for the confusion. The rule .*ИТ.* now correctly processes and blocks the call (as per the screenshot).

---

As for the second point, I have installed the provided test version (APK). I will now have to wait for the next call from that company. Since they call about 10 times a day, I don't think the wait will be long. I will report back with the results immediately once I have them.

Thank you very much for your help!

[MLNekit]

I have just received a call from that company, and I can confirm that the filtering rules .*легалтэк.* and .*легалтек.* did not work.

Unfortunately, the call name is being truncated within the application. This confirms that only the rule .*ИТ.* is successfully triggered, as "ИТ" is the only textual part remaining in the truncated number string, such as ИТ"<tel:+79626916382>.

[aj3423]

That confirms that they don't use the callerDisplayName.

Just got a workaround, while Android misparses this "ООО Легалтэк: ИТ"<tel:+79626916382> and passes this malformed Uri to SpamBlocker, it's still possible to recover the origin string:

SpamBlocker/app/src/main/java/spam/blocker/service/CallScreeningService.kt

Lines 57 to 70 in aaecd4b

	var displayName = this.callerDisplayName
	if (displayName.isNullOrEmpty()) {
	if (rawNumber.contains("tel:")) { // e.g.: "ООО Легалтэк: ИТ"<tel:+79626916382>
	// Manually parse `displayName` and `rawNumber`
	val pattern = Regex("""^(.+?)<tel:(\+?\d+)>$""")
	val uri = handle.toString()
	val match = pattern.find(uri.trim())
	if (match != null) {
	val (name, tel) = match.destructured
	displayName = name.removeSurrounding("\"")
	rawNumber = Uri.decode(tel) // %2B16505551212 (+16505551212)
	}
	}
	}

Please try this test build:
https://github.com/aj3423/SpamBlocker/actions/runs/19702541309

That call will be logged as ООО Легалтэк: ИТ|+79626916382

If this works, then we can decide how to implement it, either as a new regex mode or a flag, or maybe just use the raw format "ООО Легалтэк: ИТ"<tel:+79626916382>.

[MLNekit]

I have tested the new build you provided.

I received a call and performed the test twice to ensure accuracy:

1. The first call came in after I updated my existing application to the last test build.
2. The second call came a couple of hours later, after I completely uninstalled and performed a clean installation of the application (to rule out any update errors).

Result: Unfortunately, the name in the logs is still being truncated (trimmed) in both cases, and I did not see the expected full name.

--- ---

[aj3423]

I see, Uri is an abstract class and can have different implementations.

When testing with "\"ООО Легалтэк: ИТ\"<tel:+79626916382>".toUri(), it returns a StringUri and this type of Uri preserves the raw text.

But for real calls, it's OpaqueUri:

Here's its implementation, it doesn't preserve the raw text:
https://android.googlesource.com/platform/frameworks/base/+/4afa0352/core/java/android/net/Uri.java#954

So it's impossible for this app to retrieve the raw uri.

And this "malformed" format could be related to the RFC 3261, some examples:

From: "Bob" <sips:bob@biloxi.com> ;tag=a48s
From: sip:+12125551212@phone2net.com;tag=887s
From: Anonymous <sip:c8oqz84zk7z@privacy.org>;tag=hyh8

I'll report this to Google, see what they say.