Hi, Thanks everyone for the responses. In summary ....
Considering we are at the start of a chain of resellers towards the end customer, contractually we should pass these down. It might be a good idea to segment our immediate resellers onto separate NAT ranges (we have one global NAT range), allocate these addresses to the resellers in RIPE and then the abuse issues go to them. We need to give them the ability to map back to their private addresses (we operate the infrastructure as a service). The other thing to do is to have a well formed AUP, a reasonable procedure for dealing with these, and that would normally be sufficient to show that you are making best effort. Alternatively reply to each of these with a request for more information, if you get no response, then ignore. Thanks John
