Yes it is. A responsible consumer ISP that's a good citizen on the Internet takes responsibility for everything that comes out of their system which includes, in practice, blocking ports for customers unless the customer calls tech support to get it unblocked. It also includes blocking outgoing DDoS traffic and kicking customers offline until they resolve the issue. And blocking spam sending bots. Unless you think keeping infected Windows PCs and rooted webcams online is a good thing.
Of course, not all ISPs do this, which is why DDoS attacks are still a thing, but the point remains, that responsible ISPs will take steps to prevent malicious traffic on the Internet from exiting their systems.
Of course, not all ISPs do this, which is why DDoS attacks are still a thing, but the point remains, that responsible ISPs will take steps to prevent malicious traffic on the Internet from exiting their systems.