After a night's rest and time to think a bit more, I guess the first question I have to ask is whether you are planning on differentiating how Caller ID is handled between the Codeblue/Residential offering and the Express/'Roll-yer-own' package?

If so, I believe a limited ability to substitute caller ID should be available for the residential customer, based on some sort of verifiable call-in-from-that-number system perhaps as mentioned above.

I don't think such a system would be practical for the Express service, just because of the much different target audience and probable uses. Perhaps just ensuring that each call at least has some valid caller ID information is all you can do to protect yourself. Or grab ANI information if available? I suppose the ultimate solution is to just simply _reject_ any call with invalid entries in the fields, and a "No Caller ID, no call" message to the caller. I guess that does away with Caller ID blocking? Wouldn't bother me at all! ;-) I'm not sure _you_ want to, or even should, attempt to play traffic cop since you have no real way of knowing the true origin of a call.