The standard procedure here is to use some reverse turing test (e.g., CAPTCHAs) to (at least theoretically) stop the spammers from writing software to sign up for accounts. But if you're willing to have people just sit there and "solve" the test, then you can sign up for a large number of accounts. In addition, there has been a fair amount of work on attacking this kind of test.
I just noticed that Google has come up with quite a clever technique for rate limiting by tying your account to a real world identity. When you sign up for gmail you need to enter a code that they SMS to you. This way they know that you have access to that mobile phone and can limit the number of accounts given to any one phone user. The downside of this, of course, is that now Google knows your mobile phone number (or at least the number of someone you know), which isn't ideal if you want to be really anonymous, which is one reason that people use free e-mail providers.
