Allow sanitise_content_for arg in send_email_notification endpoint.

So that seervice users can tell us to sanitise content for specific placeholders.
This is part of the work to mitigate against the placeholder injection
vulnerability.

Also add sanitised_content attribute to the response schema
- this is new response attribute where we tell service users
when a content they told us to sanitise was actually altered
as a result.