GDPR & EPD require user consent before storing a users personal information.
Wrong.
User consent is one of the ways that justify storing personal information, but there are others.
You may check art.6 to see the several reasons that allow to store personal information.
In this case, it seems reasonable to justify it under the paragraph f
(f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
Of course, that means that the data has to be used for this purpose. Avoiding spammers and other banned users would be such a purpose, but you should ensure that you do not send those e-mail address commercial information or even a Christmas greeting.
In any case, be careful with anything you store. If along with the e-mail you stored more info, this could be interpreted as excessive and beyond the scope of paragraph f. For example, imagine storing "User wrote nazi statements" explaining why the e-mail is banned; EU laws are very restrictive about storing information about political or religious beliefs.