network policy (was Re: Stealth Blocking)
What's so bad about pre-emptive open-relay scanning is that if you feel that is justified, you pretty much have accepted that anybody who pleases may scan anybody else's network for any weakness he or she would like to probe for.
Whether you like / agree with it or not, this is happening and you can't stop it.
That depends on the definition of "stop." If you mean, I can't stop it in all places for all time, that's true. If you mean, I can't stop it FROM all places at ANY time, that's also true. But if you mean, I can't stop it FROM a specific place AFTER a particular time, then it's false.

Any network owner has the right to accept or reject traffic based on any criteria they select. If those criteria include "reject all IP addresses ending in .42" then it will be inconvenient to be a customer of such a network but the owner is still within his or her rights to reject that traffic. (Such a network owner would soon have no customers, most likely.)

But if a network owner gets port-scanned, or spammed, or relayspammed, or otherwise abused by some host or hosts, then she can absolutely complain to the owner of the network where those hosts are connected, and if she doesn't like their response to her complaint she can absolutely decide to reject all traffic from them. Perhaps her own customers will complain, and perhaps she will lose business. That's between her and her customers. A private matter.

If the contract between the network owner and her customers does not allow this type of policy-level traffic rejection, then she may have to stop. At best this would be a matter for an arbitrator or civil court to determine. It's certainly not something for third parties, including third parties whose traffic is being rejected, to have any say in.

Many restaurants have a "No shirt, no shoes, no service" sign out front. Perhaps they lose the business of shirtless and/or shoeless persons. But it's their business to lose. Outsider busybodies have no right to override the expressed wishes of business owners.
participants (1): Paul Vixie