users: require email verification for signups from proxies.

Require users who signup using proxies to verify their email addresses
before they can perform any edits. For verification purposes, the email
must be a nondisposable address from a whitelist of trusted email
providers.

test/functional/posts_controller_test.rb

@@ -311,6 +311,13 @@ class PostsControllerTest < ActionDispatch::IntegrationTest
         assert_response 403
         assert_not_equal("blah", @post.reload.tag_string)
       end
+
+      should "not allow unverified users to update posts" do
+        @user.update!(requires_verification: true, is_verified: false)
+        put_auth post_path(@post), @user, params: { post: { tag_string: "blah" }}
+        assert_response 403
+        assert_not_equal("blah", @post.reload.tag_string)
+      end
     end
 
     context "revert action" do