In the history of the internet, people have been trusting each other.
When? I remember the RFCs on policy based routing over a decade ago. Have you read them?
Thats rediculous. Every time you setup a peer without a access-list (and don't everyone go saying you don't do that!), you're trusting the other party not to be AS7007.
Announcing a netblock doesn't promise that every address in that block exists or is reachable. A network that is blocked for AUP violations doesn't "exist", and usually returns the ICMP message "Unreachable -- Administratively Prohibited" specifically designed for such situations. Have you read "Router Requirements"?
It's commonly accepted that if you announce a route, you can carry the packet to the intended and correct destination. Existence of the host is irrelevant; 'owning' (and I use that term loosely, ARIN) the block and delivering it to where that netblock exists. If said 'owner' wants to block, drop, blackhole, whatever the packet, then it is their option. I applaud Above for trying to cut down on the Spam. But, shouldn't that be up to UU to do, since this is a UU customer?
It seems from the email that they clearly stated that the traffic was in violation of the AUP. We all block specific sites that harm our networks. Otherwise, there would be no capacity left for our customers. It's the "policy" part, for which BGP was designed. Go read the design RFCs.
From what I can tell, it can't be in violaton of Above's AUP because that enduser isn't subscribed to a service that the Above AUP applies to; also, I doubt that UU subscribes to Above's AUP as well.