Mark's contact forward the inquiry to a Mr. G. who works as Associate Director for Customer Appeals, AT&T Office of the President. After receiving a detailed synopsis, Mr. G. looked into it and replied the same working day (!):
What I have learned is whenever someone comes across a situation where their IP has been blocked then you should receive a message basically stating “The website you are trying to reach is hosted on a server that has been compromised and was involved in malicious activity. AT&T has blocked the IP address on our network”. I am not sure what type of message you received, but the easiest way to address this in the future is by calling our U-verse Care center who is equipped to assist you with this matter. Their number is 1-800-288-2020 and if needed they can engage extra support to handle this type of issue. We do also have directions on how to identify the vulnerability so you as the hosting provider can contact email@example.com and specify the IP address being blocked for instructions on how to remove the vulnerability and get the block lifted. Please let me know if this addresses your concern and should you have any additional questions please let me know. Thank you!
Thank you too, Mr G, for a prompt response! Points to the AT&T and the U-verse team.
Alas, no message as noted above appeared. What triggered the block and what the trigger thresholds are remain unclear. Why is perfectly understandable: so baddies cannot circumvent them. Perhaps it was a glitch in the attack detection software? This block is the first seen in nearly five years of solid and reliable U-verse service and three years of using HostMonster.
The workaround is to have a small script monitor hosts and raise an alarm should they suddenly become unpingable via AT&T's network.
Many thank to Mark, too. I owe you lunch. We gotta go to that place I keep telling you about in Santa Paula.