I've encountered the same thorny problem. What happens is that the hosting company decided to use something like mod_security to deflect possible spam-tainted data before it reaches the Apache server. Problem is, when people have a list of ban words and try to update WP's options (../wp-admin/options.php), mod_security sees that list and thinks it's spam-tainted. This occurs even when you're not trying to change the blacklisted words, because the form sends out all the data including the list. Deleting the list should solve the problem but at the cost of bloggers not having control over what to ban.
Ok, I deleted my common spam words from the Options>Discussion panel, and I was able to update.
As far as SpamKarma goes, my use in the past supposedly caused my server here to crash so I've disabled it. Has that issue been fixed? I've upgraded to WP 1.5 now.
Thanks for all your help.