[fix] Order of mail checks and mail queue

data/hooks/diagnosis/24-mail.py

@@ -6,15 +6,12 @@ import socket
 import re
 
 from subprocess import CalledProcessError
-from types import FunctionType
 
 from moulinette.utils.process import check_output
-from moulinette.utils.network import download_text
 from moulinette.utils.filesystem import read_yaml
 
 from yunohost.diagnosis import Diagnoser
 from yunohost.domain import _get_maindomain, domain_list
-from yunohost.utils.error import YunohostError
 
 DIAGNOSIS_SERVER = "diagnosis.yunohost.org"
 
@@ -38,8 +35,8 @@ class MailDiagnoser(Diagnoser):
         # TODO Validate DKIM and dmarc ?
         # TODO check that the recent mail logs are not filled with thousand of email sending (unusual number of mail sent)
         # TODO check for unusual failed sending attempt being refused in the logs ?
-        checks = [name for name, value in MailDiagnoser.__dict__.items()
-                       if type(value) == FunctionType and name.startswith("check_")]
+        checks = ["check_outgoing_port_25", "check_ehlo", "check_fcrdns",
+                  "check_blacklist", "check_queue"]
         for check in checks:
             self.logger_debug("Running " + check)
             reports = list(getattr(self, check)())
@@ -64,7 +61,9 @@ class MailDiagnoser(Diagnoser):
                 yield dict(meta={"test": "outgoing_port_25", "ipversion": ipversion},
                            data={},
                            status="ERROR",
-                           summary="diagnosis_mail_ougoing_port_25_blocked")
+                           summary="diagnosis_mail_ougoing_port_25_blocked",
+                           details=["diagnosis_mail_ougoing_port_25_blocked_details",
+                                    "diagnosis_mail_outgoing_port_25_blocked_relay_vpn"])
 
 
     def check_ehlo(self):
@@ -82,7 +81,8 @@ class MailDiagnoser(Diagnoser):
                 yield dict(meta={"test": "mail_ehlo", "ipversion": ipversion},
                            data={"error": str(e)},
                            status="WARNING",
-                           summary="diagnosis_mail_ehlo_could_not_diagnose")
+                           summary="diagnosis_mail_ehlo_could_not_diagnose",
+                           details=["diagnosis_mail_ehlo_could_not_diagnose_details"])
                 continue
 
             if r["status"] == "error_smtp_unreachable":
@@ -153,25 +153,30 @@ class MailDiagnoser(Diagnoser):
                     continue
 
                 # Try to get the reason
+                details = []
                 try:
                     reason = str(dns.resolver.query(query, "TXT")[0])
+                    details.append("diagnosis_mail_blacklist_reason")
                 except Exception:
                     reason = "-"
 
+                details.append("diagnosis_mail_blacklist_website")
+
                 yield dict(meta={"test": "mail_blacklist", "item": item,
                                  "blacklist": blacklist["dns_server"]},
                            data={'blacklist_name': blacklist['name'],
                                  'blacklist_website': blacklist['website'],
                                  'reason': reason},
                            status="ERROR",
-                           summary='diagnosis_mail_blacklist_listed_by')
+                           summary='diagnosis_mail_blacklist_listed_by',
+                           details=details)
 
     def check_queue(self):
         """
         Check mail queue is not filled with hundreds of email pending
         """
 
-        command = 'postqueue -p | grep -v "Mail queue is empty" | grep -c "^[A-Z0-9]"'
+        command = 'postqueue -p | grep -v "Mail queue is empty" | grep -c "^[A-Z0-9]" || true'
         try:
             output = check_output(command).strip()
             pending_emails = int(output)
@@ -179,7 +184,8 @@ class MailDiagnoser(Diagnoser):
             yield dict(meta={"test": "mail_queue"},
                        data={"error": str(e)},
                        status="ERROR",
-                       summary="diagnosis_mail_queue_unavailable")
+                       summary="diagnosis_mail_queue_unavailable",
+                       details="diagnosis_mail_queue_unavailable_details")
         else:
             if pending_emails > 100:
                 yield dict(meta={"test": "mail_queue"},

locales/en.json

@@ -184,20 +184,26 @@
     "diagnosis_swap_none": "The system has no swap at all. You should consider adding at least 256 MB of swap to avoid situations where the system runs out of memory.",
     "diagnosis_swap_notsomuch": "The system has only {total} swap. You should consider having at least 256 MB to avoid situations where the system runs out of memory.",
     "diagnosis_swap_ok": "The system has {total} of swap!",
-    "diagnosis_mail_outgoing_port_25_ok": "Outgoing port 25 is not blocked and email can be sent to other servers.",
-    "diagnosis_mail_outgoing_port_25_blocked": "Outgoing port 25 appears to be blocked in IPv{ipversion}. You should try to unblock it in your internet service provider (or hosting provider) configuration panel. Meanwhile, the server won't be able to send emails to other servers.",
+    "diagnosis_mail_outgoing_port_25_ok": "Outgoing port 25 is open, emails can be sent",
+    "diagnosis_mail_outgoing_port_25_blocked": "Outgoing port 25 appears to be bloecked in IPv{ipversion}",
+    "diagnosis_mail_outgoing_port_25_blocked_details": "You should first try to unblock it in your internet service provider (or hosting provider) configuration panel or by sending a ticket to your hosting provider. Meanwhile, the server won't be able to send emails to other servers.",
+    "diagnosis_mail_outgoing_port_25_blocked_relay_vpn": "Some providers won't let you unblock outgoing port 25 because they don't care about Net Neutrality.<br> - Some of them provide the alternative of <a href='https://yunohost.org/#/smtp_relay'>using a mail server relay</a> though it implies that the relay will be able to spy on your email traffic.<br>- A privacy-friendly alternative is to use a VPN *with a dedicated public IP* to bypass this kind of limits. See <a href='https://yunohost.org/#/vpn_advantage'>https://yunohost.org/#/vpn_advantage</a><br>- Finally, it's also possible to <a href='https://yunohost.org/#/isp'>change of provider</a>",
     "diagnosis_mail_ehlo_ok": "Postfix mail service answer correctly from outside",
-    "diagnosis_mail_ehlo_unavailable": "Postfix mail service don't answer to EHLO request on IPv{ipversion}.",
-    "diagnosis_mail_ehlo_wrong": "A mail server answer {wrong_ehlo} instead {right_ehlo} on IPv{ipversion}.",
-    "diagnosis_mail_ehlo_could_not_diagnose": "Could not diagnose if postfix mail server is reachable from outside. Error: {error}",
-    "diagnosis_mail_fcrdns_dns_missing": "No reverse DNS defined for the ip {ip}.",
-    "diagnosis_mail_fcrdns_different_from_ehlo_domain": "Your reverse DNS {rdns_domain} is different from your EHLO domain {ehlo_domain} on {ip}.",
-    "diagnosis_mail_fcrdns_ok": "Your reverse DNS is well configured.",
-    "diagnosis_mail_blacklist_ok": "The public IPs of this instance are not listed on email blacklists.",
-    "diagnosis_mail_blacklist_listed_by": "{item} is blacklisted on {blacklist_name}. Reason: {reason}. See {blacklist_website}",
+    "diagnosis_mail_ehlo_unavailable": "Postfix mail service don't answer to EHLO request on IPv{ipversion}",
+    "diagnosis_mail_ehlo_wrong": "A mail server answers {wrong_ehlo} instead {right_ehlo} on IPv{ipversion}",
+    "diagnosis_mail_ehlo_could_not_diagnose": "Could not diagnose if postfix mail server is reachable from outside",
+    "diagnosis_mail_ehlo_could_not_diagnose_details": "Error: {error}",
+    "diagnosis_mail_fcrdns_ok": "Your reverse DNS is well configured",
+    "diagnosis_mail_fcrdns_dns_missing": "No reverse DNS defined for the ip {ip}",
+    "diagnosis_mail_fcrdns_different_from_ehlo_domain": "Your reverse DNS {rdns_domain} is different from your EHLO domain {ehlo_domain} on {ip}",
+    "diagnosis_mail_blacklist_ok": "IPs and domains used by this server to send mail are not on most used email blacklists",
+    "diagnosis_mail_blacklist_listed_by": "{item} is blacklisted on {blacklist_name}",
+    "diagnosis_mail_blacklist_reason": "The blacklist explains: {reason}",
+    "diagnosis_mail_blacklist_website": "After identifying why you are listed and fixed it, feel free to ask for delisting on {blacklist_website}",
+    "diagnosis_mail_queue_ok": "{nb_pending} pending emails in the mail queues",
     "diagnosis_mail_queue_unavailable": "Can not consult number of pending emails in queue",
-    "diagnosis_mail_queue_too_big": "The mail queue has {nb_pending} pending emails in the mail queue. It seems abnormal.",
-    "diagnosis_mail_queue_ok": "The mail queue has {nb_pending} pending emails in the mail queue.",
+    "diagnosis_mail_queue_unavailable_details": "Error: {error}",
+    "diagnosis_mail_queue_too_big": "Too many pending emails in mail queue ({nb_pending} emails)",
     "diagnosis_regenconf_allgood": "All configurations files are in line with the recommended configuration!",
     "diagnosis_regenconf_manually_modified": "Configuration file <code>{file}</code> appears to have been manually modified.",
     "diagnosis_regenconf_manually_modified_details": "This is probably OK if you know what you're doing! YunoHost will stop updating this file automatically... But beware that YunoHost upgrades could contain important recommended changes. If you want to, you can inspect the differences with <cmd>yunohost tools regen-conf {category} --dry-run --with-diff</cmd> and force the reset to the recommended configuration with <cmd>yunohost tools regen-conf {category} --force</cmd>",