fix bug with concurrent math/rand.Rand.Read

firstly by using crypto/rand in those cases. and secondly by putting a lock
around the Read (though it isn't used at the moment).

found while working while implementing sending tls reports.

mox-/msgid.go

@@ -1,14 +1,13 @@
 package mox
 
 import (
+	cryptorand "crypto/rand"
 	"encoding/base64"
 )
 
-var messageIDRand = NewRand()
-
 // MessageIDGen returns a generated unique random Message-Id value, excluding <>.
 func MessageIDGen(smtputf8 bool) string {
 	buf := make([]byte, 16)
-	messageIDRand.Read(buf)
+	cryptorand.Read(buf)
 	return base64.RawURLEncoding.EncodeToString(buf) + "@" + Conf.Static.HostnameDomain.XName(smtputf8)
 }