mta-sts support, get it nice and clean

management/dns_update.py

@@ -308,12 +308,12 @@ def build_zone(domain, all_domains, additional_records, www_redirect_domains, en
 	# autodiscover.* - Z-Push ActiveSync Autodiscover
 	# autoconfig.* - Thunderbird Autoconfig
 	mta_sts_records = [
-		("mta-sts", "A", env["PUBLIC_IP"], "Provides mta-sts support"),
-		("mta-sts", "AAAA", env["PUBLIC_IPV6"], "Provides mta-sts support"),
-		("_mta-sts", "TXT", "v=STSv1; id=202022022043", "Provides mta-sts support"),
-		("_smtp._tls", "TXT", "v=TLSRPTv1;", "extend with rua=mailto:email@addres for reporting")
-
+		("mta-sts", "A", env["PUBLIC_IP"], "Provides MTA-STS support"),
+		("mta-sts", "AAAA", env["PUBLIC_IPV6"], "Provides MTA-STS support"),
+		("_mta-sts", "TXT", "v=STSv1; id="+datetime.datetime.now().strftime("%Y%m%d%H%M%S")+"Z", "Enables MTA-STS support"),
+		("_smtp._tls", "TXT", "v=TLSRPTv1", "change to  with v=TLSRPTv1; rua=mailto:email@addres for reporting")
 	]
+
 	for qname, rtype, value, explanation in mta_sts_records:
 		if value is None or value.strip() == "": continue # skip IPV6 if not set
 		if not has_rec(qname, rtype):

management/web_update.py

@@ -27,9 +27,10 @@ def get_web_domains(env, include_www_redirects=True, exclude_dns_elsewhere=True)
 	# Add Autoconfiguration domains, allowing us to serve correct SSL certs.
 	# 'autoconfig.' for Mozilla Thunderbird auto setup.
 	# 'autodiscover.' for Activesync autodiscovery.
-	# 'mta-sts.' for MTA-STS support.
 	domains |= set('autoconfig.' + maildomain for maildomain in get_mail_domains(env))
 	domains |= set('autodiscover.' + maildomain for maildomain in get_mail_domains(env))
+
+	# 'mta-sts.' for MTA-STS support.
 	domains |= set('mta-sts.' + maildomain for maildomain in get_mail_domains(env))
 
 	if exclude_dns_elsewhere: