I don't think the issue is that he was hosting an active phishing site. The main issue here is the amount of time he was given to fix the problem was too small. You think Rackspace's upstreams would shut the pipes down if there were a bunch of phishing sites that set up shop? Doubtful. Usually they only get involved when there is a MASSIVE DDoS.
Well, from my experience in industry, big providers of bandwidth do apply pressure (up to and including the threat of disconnect) to large hosting companies in an effort to get them to clean up their act, even when it comes to things like spamming and phishing that are less outright destructive to the network than DDoS activity. You are right that a million dollar customer will get a lot more slack than a twenty dollar user... but, uh, to me that should be expected. Dealing with abuse is very expensive. Some places I've worked that has been the majority of support costs.
