python-email-validator

Ability to disallow confusing Unicode characters to prevent homoglyph phishing attacks

Open alanhamlett opened this issue 8 months ago • 1 comment

When emails contain Unicode characters that look similar to ASCII characters, an attack vector is possible anytime we display the Unicode email as an identifier of a user without Punycode-encoding the displayed email.

It would be nice to have an option to make confusing Unicode characters fail email validation, but it might be outside the scope of this library since it depends on the external confusables.txt data file from unicode.org?

The Unicode Consortium's Visual Spoofing Recommendations agree with this solution as a better alternative than blocking all Unicode characters in domains and emails.

alanhamlett, May 23 '25 07:05
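
One way to implement the check requested above, as an added example that is not part of the original issue or of python-email-validator: it parses lines in the confusables.txt format and rejects an address when a non-ASCII character has an ASCII prototype. The function names and the four-entry table are assumptions constructed for illustration, and the skeleton step is simplified from UTS #39 (it does not strip default-ignorable code points).

```python
import unicodedata

# Constructed excerpt in the confusables.txt line format
# ("source ; target ; type # comment"); load the real file from
# unicode.org in its place.
SAMPLE_CONFUSABLES = """\
0430 ; 0061 ; MA # CYRILLIC SMALL LETTER A -> LATIN SMALL LETTER A
0435 ; 0065 ; MA # CYRILLIC SMALL LETTER IE -> LATIN SMALL LETTER E
043E ; 006F ; MA # CYRILLIC SMALL LETTER O -> LATIN SMALL LETTER O
0440 ; 0070 ; MA # CYRILLIC SMALL LETTER ER -> LATIN SMALL LETTER P
"""

def chars_from_hex(field):
    """Turn a field such as '0430' or '0072 006E' into a string."""
    return "".join(chr(int(cp, 16)) for cp in field.split())

def parse_confusables(text):
    """Map each source character to its prototype string."""
    table = {}
    for line in text.lstrip("\ufeff").splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blanks
        if line:
            source, target = line.split(";")[:2]
            table[chars_from_hex(source)] = chars_from_hex(target)
    return table

def skeleton(s, table):
    """Simplified UTS #39 skeleton: NFD, replace confusables, NFD again."""
    nfd = unicodedata.normalize("NFD", s)
    mapped = "".join(table.get(ch, ch) for ch in nfd)
    return unicodedata.normalize("NFD", mapped)

def confusable_with_ascii(address, table):
    """Return the non-ASCII characters whose prototype is pure ASCII."""
    return [ch for ch in unicodedata.normalize("NFD", address)
            if ord(ch) > 127 and table.get(ch, "\x80").isascii()]

def check_address(address, table):
    """Return the address unchanged, or raise if it imitates ASCII."""
    hits = confusable_with_ascii(address, table)
    if hits:
        names = ", ".join(f"U+{ord(c):04X} {unicodedata.name(c)}" for c in hits)
        raise ValueError(f"confusable characters in address: {names}")
    return address
```

This per-character check also rejects an address written wholly in Cyrillic. Where that is too strict, comparing `skeleton()` of a new address against the skeletons of existing identifiers flags only actual look-alike collisions.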