Basics to stopping SPLOGs??

I understand you have a anti splog.

We had a network once with a few thousand wpmu users, that generated about 1000 splogs a day. We took drastic measures and removed signups, as we were bypassing web reg.

Fast forward to now. After reading anti splog, I am afraid that I can mess it up fairly easy. I want to be able to use theme my login and custom registration fields, etc.

So if I havent had a problem, should I still go through the anti splog setup? or are basic things like not letting people choose passwords, requiring email validation, etc good enough for most low volume networks?