you can't revoke someone's membership in the group. the only way to control who can join the group is to control to whom you give the group specification string.
you can limit who can post by setting a posting password, and only giving the groupspecWithAuthorizations to those users who are authorized to post.
the ActionScript API doesn't let you see the IP addresses of your peers.
I'm not telling that i need to revoke someone from the group directly, i need solutions to let users avoid/filter spam/flood messages and avoid hacker write on behalf of them or others users. That's basicly all what's required to create proper chat.
you would need to employ cryptographic principles (such as public keys and signatures and stuff) to solve the forged message problem.
the ActionScript API doesn't allow you to influence the propagation of a posting through the P2P group.
you can implement moderation by using client-server or P2P principles to deliver messages from the larger population to the one or more moderators, and only have the moderators post the messages to the group (restricting posting capability with the posting password). the exact nature of the "P2P principles" would depend on how many moderators you have and the expected NAT/firewall mix of your users. even in that case you run the risk of spammers/hackers flooding the moderators, essentially denying everyone else legitimate access to the moderators. the best solution would be based on a PKI and signatures.