The logic of this escapes me. So ORBS scans for open relays.
Their goals are no different from Above.net's scanning for vulnerable
nameservers. The only fundamental differences are that Above.net
is probing their own customers and using a different TCP/UDP port.
If Above.net wants to filter scans that's one thing but they could
have started better by filtering some of the many netscans we see
from .kr and .cn subnets.
I have no problem being scanned by either ORBS or Above.net. I do
have a problem with upstream port filtering without my knowledge
or express permission.
One reason Above.net might block ORBS probably has not been discussed
on NANOG. ORBS competes directly with RBL/DUL/RSS/mail-abuse.org.
RBL and Above.net share management. Above.net's filters, it would
seem, are the result of a business decision whose goal has less to
do with customer safety than with inhibiting competition.
With the exception of ORBS filtering both Above.net and ISC are
doing a great job. Here's hoping Above.net takes the opportunity to
improve by adopting more consistent policies on scanning and
filtering.