All depends on the client and if I think the abuse is intentional or not.
If the user knows what he/she is doing and I don't think they are being malicious then I will send them everything.
If I think they are doing it on purpose I send enough to prove my case and tell them to knock it off - before I knock it off for them (or after - depends on how much damage they are causing).
If they don't have a clue then sending them a bunch of information they won't understand is pointless. We either help them clean up the mess or refer them to someone who can.
Ditto here on all the above. Too often it falls under the latter category it seems. Since we're in the hosting/colo business PHP web forms seem to be the vast majority of issues lately. I'd love to know what cluebats or magic bullets are available for whacking this particular mole most effectively. --chuck goolsbee digital.forest