You can pass all the calls through a CALL ROUTINGTABLE.  Build one where CALL ROUTING KEY is OUTSIDE PARTY NUMBER.  Put in all your exception numbers and send them to a destination with "Not In Service" announcement or device that rings open, or even nothing.  At the bottom of the list put a + for ANY OTHER NUMBER and E for EMPTY (no caller ID) and send those to your DID table, STAR app or main ring in destination.  Remember you're looking for exact match (usually 10 digits)...if your carrier sends a leading 1 as some SIP providers do, add that also.