> I've never heard of any provider making someone turn over their mailing lists. Do you have any further information about when this has occurred?
---
I didn't mean to imply that was what happened. I said that they'd have to if it's to be checked.
My thoughts were that you're either going to have to trust the accused spammer - in which case you can turn over the SHA of the complaining email address, and the provider can compare it to the SHA hashes of their own. Or... they're going to have to turn the list (again, preferably with the entries hashed) over to you - and then, I suppose, you'll have to trust that they're giving you a truthful list.
But, either way, I don't see how the mere act of hashing the list is going to significantly alter the problems of nuisance complaints or of dealing with large lists. Hashing is a very cheap thing to do after all.
There's not really anything you can do about an individual spam complaint, aside from telling the end user and having them remove the email from their list (aside from things that are quite obviously spam).
The problem is the 'Report Spam' button is also the 'I no longer wish to receive this email' button to non-technical users. Just because you've received a spam complaint, doesn't mean that it wasn't an opt-in email.
Providers never attempt to verify your email list. If you generate too many spam complaints, you get terminated. It's not feasible for a third party to get a copy of your mailing list, then somehow evaluate how legitimate it is.
Generally, when someone gets too many spam complaints, or doesn't handle them well, they get terminated from the hosting provider.