Hi.
The phpdoc of PrefsEmailAuditHook describes the return value can abort the changing, but actually it can't.
Therefore, extensions cannot prevent users from changing their emails. More specially, there is an open task for Extension:SpamBlacklist. [1] Users can easily bypass the email blacklist, and it really bothers me on a wiki where I act as a bureaucrat.
So Uploaded a patch for this and a patch for SpamBlacklist in May. And now I've realized I didn't promote my patches enough.
If you are interested, please help me by giving a comment or reviewing my patches.
Regards.