We encountered this problem and applied a couple of additional mechanisms to address it:
A prior sprint proposed an enhancement which would require a Journal Manager to optionally approve each new user registration. Code for this was attached to an issue here, but not pulled into a release yet: