FEATURE: 'reply by email address' validator

Prevent infinite email loophole when the 'reply_by_email_address' site setting is the same as the 'notification_email'.

lib/validators/reply_by_email_address_validator.rb

@@ -0,0 +1,17 @@
+class ReplyByEmailAddressValidator
+  def initialize(opts={})
+    @opts = opts
+  end
+
+  def valid_value?(val)
+    return true if val.blank?
+
+    !!(val =~ /@/i) &&
+    !!(val =~ /%{reply_key}/i) &&
+    val.gsub(/\+?%{reply_key}/i, "") != SiteSetting.notification_email
+  end
+
+  def error_message
+    I18n.t('site_settings.errors.invalid_reply_by_email_address')
+  end
+end