+1
I had another idea. Suppose you could get the outbound packets to start with a shorter time to live (TTL). This would limit how many hops the packets would survive. Now I see problems, but I was thinking that many SIP scanners would be on longer routes than your legitimate server.
The TTL idea is probably flawed. The original suggestion on this thread to list subnets would be quite sufficient, unless the list of subnets was too big. I wonder how big the list of subnets used for GV is.
OBiTalk could pre-populate X_AccessList for the providers that it specifically knows about.