Yeah, I really need to make more usergroups to do that kind of things.
It's just that the permissions are going to be more complex than. But there are other things I would like to do with user upgrades so I really have to start with this.
I found a solution that is the best of both worlds. You can allow a user to put some personal information in their profile during login, by using a custom user text field (shown at registration) with the the regex option
A spammer (human or not) will attempt to put a URL in here and then find their registration is refused.
I also don't allow any profile editing until their first user promotion, but I let new users know in their welcome PC that once they are approved they will be able to edit their profile.