Most antivirus companies appear to disagree with you for now. At this point in time it is a competitive thing. They do it or they will not survive. My McAfee saw your example ebay page as a Trojan "js/cardsteeler'.
This has been a debate for some time and the antivirus companies have decided the debate. Can you look at it with SURBL also? Sure, but I am just saying it is a lot of effort to add these disposable IP addresses into any database. Who goes back and cleans up these databases 2 years from now when maybe a real user gets one? It's your system, I am just giving you my prospective, which could of course be wrong or...right. Time will tell.
Personally, I don't think an AV program should attempt to detect anything other than a virus or trojan -- actual malicious code. ClamAV's doing so has made it more than a bit of a nuisance for some administrators, who found that complaints about phishes sent to their abuse address were getting filtered by their AV program.