Re: Come on, it's not hard
BT don't allow it and I doubt any of the other major operators do.
Be aware though that there's a difference between Presentation Number - a legitimate product, and spoofed CLI which is always illegitimate. Presentation number is used to display a switchboard or main office number on outbound calls where the 'real' CLI would be unreachable or inappropriate, but the actual CLI contained in the signalling and call record is correct and identifies the line. In a call centre, for example, direct dialing inbound to an agent is forbidden and so using the real CLI would just give a number that can't be reached. Showing the switchboard number solves the problem. Spoofing actually involves putting knowingly false data in the signalling message.
The problem is that you only need one operator who will allow it. Since the end of Ofcom licensing anyone can set up a telco and there's little 'threat' of having your licence removed for bad behaviour, though the telcos will refuse to interconnect if you persistently misbehave.
Spoofed CLIs often originate internationally however. They might pass through three or four or five networks before they reach the UK. Until recently BT and others treated CLIs that came from call aggregator routes as 'untrusted' and showed 'INTERNATIONAL' or 'UNAVAILABLE' in the CLI field. They'd only trust the CLI if they trusted the operator sending them the calls - a dedicated France Telecom route for example that only has 'own network' calls on it. The problem with that approach is that very few incoming international calls to the UK actually touch BT or Virgin's networks. Foreign telcos buy international routes on a spot market, calls are aggregated and eventually end up in somewhere like Paul Street in London, a private international exchange, and calls are handed to the national network. No-one, not even the aggregator, has any idea where those calls came from. They only know which network gave them the call, which almost certainly won't be the network the call originated on.
That situation is changing and I believe there's been lots of pressure for the UK telcos to now show the CLIs where they are present - but it does mean that spoofed CLIs will have an open door. My best guess is that UK switches are now inspecting the CLI and rejecting calls from what appear to be international routes but giving a UK CLI. I don't think the mobile operators can do that though - it breaks roaming - so this may be at the heart of the problem. Any attempt at policing will cause call rejection of calls made by UK mobiles abroad on a non-home network. Making your PIN mandatory might be the only way of ensuring security.
The current telephone signalling and addressing system was designed in an era when the telcos knew each other and trust between them was implicit. That's been blown apart but the system (CCITT SS7) can't easily be changed without upgrading every single telephone exchange in the world. All the time a single operator, anywhere in the world, allows CLI faking on an interconnect, this problem won't go away.