Is your feature request related to a problem? Please describe.
The problem is that you can create a spam attack via the errorreport.php

Describe the solution you'd like
Add a form token to the error report form. This form token can be checked on submission, if it is invalid no email is send out.

Describe alternatives you've considered
The only real alternative is to turn off the error report form.

Additional context
I posted this first in the Google group, here is my post for reference:
https://groups.google.com/forum/#!topic/simplesamlphp/ccy6fN0PslI