That would raise a flag for me if I was monitoring the server. Have you tried contacting the user to see what their intentions are with the script.
Monitoring is part of what you should be doing. Remember, if they do send out 50,000 emails, your IP number is likely going to be blacklisted with places for 24-48 hours (if not permanent listings). So the actions of ONE person will affect all other persons on the same machine.
We monitor email usage for any suspicious activity - this would be one I'd class in the suspicious activity range.
Be sure to have your email limits set on the server so they can only send "x" emails per hour - this will help reduce your risk.