From 27227986ab23ae377f52f07bae2c8e838ee7fc86 Mon Sep 17 00:00:00 2001
From: Alberto Bertogli <albertito@blitiri.com.ar>
Date: Sat, 19 Oct 2019 14:06:26 +0100
Subject: [PATCH] smtp-check: Improve error reporting

smtp-check exits on the first error, which is not ideal when
troubleshooting, as seeing only one error can mask others, or make it
more difficult to find the underlying cause.

This patch improves how smtp-check reports errors by tweaking the
presentation a bit, as well as perform almost all checks regardless of
whether they pass or not.
---
 cmd/smtp-check/smtp-check.go | 34 ++++++++++++++++++++++++----------
 1 file changed, 24 insertions(+), 10 deletions(-)

diff --git a/cmd/smtp-check/smtp-check.go b/cmd/smtp-check/smtp-check.go
index 569b424..51e9c37 100644
--- a/cmd/smtp-check/smtp-check.go
+++ b/cmd/smtp-check/smtp-check.go
@@ -8,6 +8,7 @@ import (
 	"context"
 	"crypto/tls"
 	"flag"
+	"fmt"
 	"log"
 	"net"
 	"net/smtp"
@@ -54,6 +55,7 @@ func main() {
 		}
 		log.Printf("OK")
 	}
+	log.Printf("")
 
 	mxs, err := net.LookupMX(domain)
 	if err != nil {
@@ -64,8 +66,9 @@ func main() {
 		log.Fatalf("MX lookup returned no results")
 	}
 
+	errs := []error{}
 	for _, mx := range mxs {
-		log.Printf("=== Testing MX: %2d  %s", mx.Pref, mx.Host)
+		log.Printf("=== MX: %2d  %s", mx.Pref, mx.Host)
 
 		ips, err := net.LookupIP(mx.Host)
 		if err != nil {
@@ -73,9 +76,10 @@ func main() {
 		}
 		for _, ip := range ips {
 			result, err := spf.CheckHostWithSender(ip, domain, "test@"+domain)
+			log.Printf("SPF %v for %v: %v", result, ip, err)
 			if result != spf.Pass {
-				log.Printf("SPF check != pass for IP %s: %s - %s",
-					ip, result, err)
+				errs = append(errs,
+					fmt.Errorf("%s: SPF failed (%v)", mx.Host, ip))
 			}
 		}
 
@@ -94,19 +98,21 @@ func main() {
 			}
 			err = c.StartTLS(config)
 			if err != nil {
-				log.Fatalf("TLS error: %v", err)
+				log.Printf("TLS error: %v", err)
+				errs = append(errs, fmt.Errorf("%s: TLS failed", mx.Host))
+			} else {
+				cstate, _ := c.TLSConnectionState()
+				log.Printf("TLS OK: %s - %s", tlsconst.VersionName(cstate.Version),
+					tlsconst.CipherSuiteName(cstate.CipherSuite))
 			}
 
-			cstate, _ := c.TLSConnectionState()
-			log.Printf("TLS OK: %s - %s", tlsconst.VersionName(cstate.Version),
-				tlsconst.CipherSuiteName(cstate.CipherSuite))
-
 			c.Close()
 		}
 
 		if policy != nil {
 			if !policy.MXIsAllowed(mx.Host) {
-				log.Fatalf("NOT allowed by STS policy")
+				log.Printf("NOT allowed by STS policy")
+				errs = append(errs, fmt.Errorf("%s: STS failed", mx.Host))
 			}
 			log.Printf("Allowed by policy")
 		}
@@ -114,5 +120,13 @@ func main() {
 		log.Printf("")
 	}
 
-	log.Printf("=== Success")
+	if len(errs) == 0 {
+		log.Printf("=== Success")
+	} else {
+		log.Printf("=== FAILED")
+		for _, err := range errs {
+			log.Printf("%v", err)
+		}
+		log.Fatal("")
+	}
 }