This raises important issues, though. What do we expect providers to do? Do we expect them to take action based on email received from unknown people? It seems from some of the other posts on this topic that we do expect that.
Most providers that I have dealt with will take action against a user who is originating spam when the information mailed to them from this unknown person can be coroborated with information they gleen from system logs and the users activities etc. Although you can't realistically persue most hack attempts with legal action, the host provider, from my observations, is more than willing to kick the SOB off their systems. The question remains though, "Whats reasonable?" Each provider has a different view of what they should or should not do when presented with a report of "abuse" from one of their customers. I'm almost certain this has already been done in some fasion but I'm not aware of where it might be housed so... It would be nice if some group (Hey, wait a minute.. we're something of a group..) could come up with an "Acceptable Use Policy" that people could subscribe to or use as a base for building their own policy. Keeping a list of people who have agreed to this policy or a varient of it might help new services to get the hint that this sort of stuff just doesn't go very well with many people on the net. -Wayne