1) ok, for this you will need to the user level authentication. instead of setting the login to restrict if the verified column equals 0, set up user levels for verified and non verified. In the archived documentation section of the security assist support page, there is a tutorial for user level authentication.
2) when you test the registration, make sure you are not using the same email that you are using for the to address, if the from and to address are the same, most servers will not relay the email.