> that would probably be an incomplete mitigation:
Sounds better than no solution!
> -people can use the photo id field instead
Size limit can be enforced.
> -people can use valid e-mail addresses under an own domain ("catch-all")
As long as it can validate, seems fine to me. Better than no verification.
> -your keyserver suddenly can be abused for email spamming
Any online service that allows registrations can be abused for email spamming, if you consider registration emails
an "email spam".
Another limitation: you cannot apply the email verification process to the recon algo, because the user would get flooded with verification emails. That means you could have a malicious SKS implementation flooding others with non-verified emails. Again, not perfect, but a good start.