I personally would go this way:
- User enters e-mail address.
- Screen says "request will be processed, e-mail has been send" or something along those lines.
- If there is no account linked with this e-mail address: don't send a mail, but don't tell the guy requesting.
- If there is an account linked with this e-mail: send the reset e-mail including the usual "if this wasn't you simply ignore this mail, if you suspect abuse please contact $foobar"-message.
Here is why i would NOT tell anyone whether an account is linked with this e-mail address: Privacy. If you told everyone, everyone could check if $person is using $service.
Figured i would include why i wouldn't send a mail if there was no such user: Why should i? The user will probably either know which email address he used or try several at once (or only wait a short time span). Of course there are cases in which it would be a bit more userfriendly if one would send those mails, but they aren't important enough to negate the abuse potential.
There is not much abuse potential if only one website does that stuff (as long as they wouldn't send multiple mails in a short timespan), but imagine every webservice going this way. You would just have to collect a few of those services and then emailbomb someone 'you' dislike, without hitting any spamfilter!