The use of an e-mail address should be configurable by the site owner. Of course, if the site's configured to require e-mail confirmation of registration then we need to either require a valid e-mail address as the user name or make a separate e-mail address mandantory if we allow arbitrary user names.
On your second point, yes, hardcoded values shouldn't be used unless one knows they won't change. "deleted/not deleted" makes sense as a boolean, but those of us who've been around awhile have seen the evolution from "approved_p" to "users_state", i.e. a multi-state approval policy. Many other former booleans have evolved in the same way. We should avoid falling into the simple trap of mapping state values onto boolean unless we can really convince ourselves that only two states will suffice forever.