How about just letting the account get created and then disabling the account? I believe Moodle will only allow one account to be associated with an email address, subsequent attempts to create new Moodle accounts using the same email address should not work.
I have a Moodle 2.2 with captcha enabled for email-based self-registration and still get spam accounts created every couple of hours on average. I disable the accounts when I find them, most every day. So this costs the spammers a captcha attempt that somebody would have had to do, but it seems there are no shortage of people somewhere to pass the captcha test. At this point I assume that my captcha test is being repurposed by a spammer to have people falsely believe they may be unsubscribing from getting junk emails.