I used to use this method (dirty hack I know but it worked like a charm) to moderate user/site signups for wpmu, http://wpmututorials.com/hacks/how-to-moderate-signups/
I found similar functions in the new ms-functions.php file but they same kind of hack doesn't seem to work, or perhaps I am doing it wrong, I can't seem to get the system to send me the first email with the information I need to determine if the user is a spammer or not. The nice part of this system was you got to decide if the user even got their blog approved instead of letting them sign up and then being forced to delete both a user and blog from the backend.
If anyone could give me a hand in applying the same hack above to the new wordpress 3.0 system I would be your best friend!
Thanks in advance.