> STIR/SHAKEN is already required for VOIP providers
I'm not convinced that STIR/SHAKEN even works properly. Recently, I migrated a DID from one VOIP provider to another. I set the outbound caller ID on the new provider, and it was showing up Verified with a checkmark to mobile devices before I had even submitted the port request to the old provider.
Depending on your new provider, they might just see that they have a contract with you and sign the call on your behalf with B level attestation - indicating that they "know" the end user, but not that they have the right to use the number.
As long as they managed to attach the identity header to the sip invite correctly, and are not considered to be a shady actor - downstream providers such as carriers probably have no reason to label it as spam. Spam labeling is typically done via analytics, outsourced to third parties like First Orion.
Attest levels are not in themselves proper tools for spam detection. The real meat of stir shaken is the origid in the identity JWT claim which is an opaque identifier that can be traced back to a particular user/customer/network equipment.
STIR/SHAKEN being sold as the one and only solution for spam calls was a mistake as it is only one iteration in the right direction. You have a handful of RFCs and ATIS specs that the FCC told operators to implement in a phased approach, and ultimately some gaps were uncovered in practice that reduced its effectiveness.
I'm not convinced that STIR/SHAKEN even works properly. Recently, I migrated a DID from one VOIP provider to another. I set the outbound caller ID on the new provider, and it was showing up Verified with a checkmark to mobile devices before I had even submitted the port request to the old provider.