This came about in a discussion with @Philippe-WMF in the context of this. As an administrator I want to minimise the amount of time I spend dealing with sockpuppets and the like and protect the community from harassment and spam; and the tools I have are not sufficient.
When an account is created or an email is sent, MediaWiki should place a cookie counting the amount of accounts created or emails sent. Rate limits are then triggered when these counts exceed some number.
While this won't stop dedicated vandals, hopefully it'll slow them down and completely dissuade potential sockpuppeteers at the margins.