controllers: refactor rate limits.

Refactor controllers so that endpoint rate limits are declared locally,
with the endpoint, instead of globally, in a single method in ApplicationController.

This way an endpoint's rate limit is declared in the same file as the
endpoint itself.

This is so we can add fine-grained rate limits for certain GET requests.
Before rate limits were only for non-GET requests.

app/controllers/dmails_controller.rb

@@ -1,6 +1,8 @@
 class DmailsController < ApplicationController
   respond_to :html, :xml, :js, :json
 
+  rate_limit :create, rate: 1.0/1.minute, burst: 50
+
   def new
     if params[:respond_to_id]
       parent = authorize Dmail.find(params[:respond_to_id]), :show?