Hi Aaron,
If you want to add more security check for the file,
You can use the FileValidating event.
when the FileValidating fired , that means the file is just uploaded and prepair to fire the FileUploaded.
So you can check more thing there, by using the HttpContext or other controls (for example, the custom varify code)
When you don't want accept that file , you can throw an exception:
if(..)throw(new Exception("Your error message"));
the uploader would catch that error , and show it in client's page.
Regards , Terry