Comment 0 for bug 781438

Right now, messages sent to confirm one's email address don't expire.

They should expire in 24 or 48 hours:

- enforced in the verification code
- old unconfirmed email addresses should be removed on cron
- email messages sent out should have some expiry headers to inform mail clients

The expiry headers are listed here:

  http://www.cs.tut.fi/~jkorpela/headers.html
  http://people.dsv.su.se/~jpalme/ietf/mail-headers/mail-headers.html