To be clear, the owner of the phished brand usually makes very thorough efforts to contact the site owner or web host to let them know about it and to ask them to correct the problem.
If you've been reading the discussion, you'll know that's not the case in this case - and further points that our site was never used for any phishing.
Our host even claimed that: The domain is not directly hosting the phishing attack. Due to the fact that the server is running UserDir functionality, other user accounts can be accessed through the / ~username path. My ISP has confirmed that the UserDir functionality will be removed from all server within 48 hours.
And again, obviously not reading the discussion since the server was not ours and we did everything we could, including asking our web host to fix the problem and to contact the SURBL whitelisters - who did not answer them.
The most nagging issues from my previous message were completely ignored.
That's fine. No one likes to be told their system is broken. "They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety." The famous Ben Franklin' quote used by OpenBSD team fits in quite nicely here.
I hope everyone understands how something like this can affect a small business. With a crew of just two we can't afford to spend this much time on a something we had no control over when we're trying our best to stay afloat in difficult times.
Clearly false positives are less of a concern that they should be.
Still wishing you all the best, Petros Kolyvas