It will simplify things for them to have a "no timelocked transactions" policy on their terms of service, and an "if you send us a timelocked transaction, we will not process it so please email us for refund instructions" clause.
You are confusing different concepts here, I think. There are timelocked addresses and timelocked transactions.
In the case being discussed here, the address itself is timelocked by nature of the OP_CHECKLOCKTIMEVERIFY code in the script. Only the person who owns the address can set up an address in this way. Any and all coins sent to such an address cannot be spent until after the specified block height or Unix time.
Yes, exactly! That's what i was trying to say. Not the address, but the nLockTime field in the transaction.
But what do you mean by:
since timelocked transactions cannot be broadcast until after the timelock has expired, if someone tries to send money this way either the merchant will receive it normally, or the transaction won't broadcast at all.
Cannot someone send money to the merchant's address with a vicious timelock that the merchant may not be able to spend it this life?
Thanks!