There is a difference between unsolicited email and a denial-of-service
attack, both in the effects, and the necessary response.
The main issue I see here is whether or not transit providers are going to
become "common carriers", such as telephone and shipping companies. This
means (as it applies here) that you are not liable for any content that you
carry. The only way you can deny access is with appropriate local legal
action (whatever that may be). The downside is that you cannot filter spam,
porn, or any other distasteful traffic. I believe emergency measures, such
as cutting off a site SYN flooding, or cutting the pair to a customer's
house, etc., is allowed, but a permanent solution needs legal action.
I believe that the net is headed in the common carrier direction, which
means we must find a better way to stop spam than denying routes. This is
the flip side to Universal Access; you cannot have good without having bad.
PS- I'm not a lawyer blah blah blah.