[MichaelGG]

Outbound traffic (placing a call) is entirely separate from the inbound path. This is similar, in a way, to IP. You can send a packet with any source IP from basically anywhere on the Internet. The difference is that with IP, any return packets are routed separately, to the source IP. With a call, return voice just goes along the established channel. Each provider along the way will know who they received the call from, but cannot verify that the number belongs to them.

This is by design and used in many cases. Call forwarding, for instance. Or even just the basic case of using multiple providers to route outbound calls. Some might be cheaper than others, so you need to select on a call by call basis. Also, think of international calls. How is Idaho Telco XYZ supposed to be able to verify that this call from Zambia really belongs to ZambiaCom XYZ? And vice versa.

Also note that there's simply no requirement to even having a number. You could just be placing outbound calls (like SkypeOut). Or no one to one mapping: an office sharing one number for outbound calls, or a single telemarketer changing numbers call by call as they dial for different customers.

[ikeboy]

All it would take is providers refusing to connect to anyone that supports spoofing. Let users report spoof calls, then blacklist those providers. Everyone will fall in line real quick. (You could also just fine them for each spoof, not cut them off completely, but enough so they won't want to offer it a service to their customers. Also, of course you announce this months in advance so everyone has a chance to stop supporting it first.)

Call forwarding is fine as long as the spoofed number is also associated with the caller. But anyone that lets people call using a number that's not theirs at all should be booted off.