The response to the "sitting duck attack", those companies may have a point that you shouldn't just leave a domain pointing somewhere you don't control, but at the same time they have a responsibility to make sure that their services aren't being used to distribute malware or conduct phishing scams.