diff --git a/CHANGES b/CHANGES
index 9aa178cfa0dfe1381e376c27569a25da91cb07da..32b2719b92382c89e87b08c79c2e5373960d3243 100644
--- a/CHANGES
+++ b/CHANGES
@@ -252,6 +252,11 @@ IAX2 Changes
 * authdebug is now disabled by default. To enable this functionaility again
    set authdebug = yes in iax.conf.
 
+RTP Changes
+-----------
+ * The rtp.conf setting "strictrtp" is now enabled by default. In previous
+   releases it was disabled.
+
 ------------------------------------------------------------------------------
 --- Functionality changes from Asterisk 1.6.2 to Asterisk 1.8 ----------------
 ------------------------------------------------------------------------------
diff --git a/configs/rtp.conf.sample b/configs/rtp.conf.sample
index 224dc2abe2ea7dd5299a22ac39e009d2b18e105c..6609530c1b47869e1330374553c5f71253696fe1 100644
--- a/configs/rtp.conf.sample
+++ b/configs/rtp.conf.sample
@@ -23,5 +23,5 @@ rtpend=20000
 ;
 ; Enable strict RTP protection. This will drop RTP packets that
 ; do not come from the source of the RTP stream. This option is
-; disabled by default.
+; enabled by default.
 ; strictrtp=yes
diff --git a/res/res_rtp_asterisk.c b/res/res_rtp_asterisk.c
index f4e8299bdebcb089796c27548f21ce4a56d8e58e..4621d2cc6e4bb9ba926b36fbc4c9982ffed7c128 100644
--- a/res/res_rtp_asterisk.c
+++ b/res/res_rtp_asterisk.c
@@ -2829,7 +2829,7 @@ static int rtp_reload(int reload)
 	rtpstart = DEFAULT_RTP_START;
 	rtpend = DEFAULT_RTP_END;
 	dtmftimeout = DEFAULT_DTMF_TIMEOUT;
-	strictrtp = STRICT_RTP_OPEN;
+	strictrtp = STRICT_RTP_CLOSED;
 	if (cfg) {
 		if ((s = ast_variable_retrieve(cfg, "general", "rtpstart"))) {
 			rtpstart = atoi(s);