SpamAssassin X-Spam-Report includes openspf.org link - but openspf is down/gone?

[pkiff]

The X-Spam-Report added by SpamAssassin to email headers today included a link to www.openspf.org:
4.0 SPF_HELO_FAIL SPF: HELO does not match SPF record (fail)
[SPF failed: Please see http://www.openspf.org/Why?s=helo;i...d];ip=###.###.###.###;r=[my.cpanelserver.tld]

When I check the provided link (I've removed the domain/IP/referrer info), it seems that openspf.org is down. When I check openspf.org using isup.me, it also shows down. And a quick web search suggests that maybe it has been down permanently for a long time?

Is that true? Or are searches like this to openspf.org just being blocked?

Should I be changing a setting in SpamAssassin so that it will insert a different link into the X-Spam-Report for this kind of failure?

I'm running cPanel 110.0.5.

 

[cPRex]

Hey there! It looks like they might be having DNS issues on their end. I see that open-spf.org works but openspf.org does not. I would expect this to be a short-term issue and they'll get that resolved.

 

[pkiff]

I dunno. It looks to me like the openspf.org site has been offline since sometime in 2019?

Wayback Machine

web.archive.org

And some additional searching, I found a SpamAssassin ticket over on Apache.org from 2019, updated in April 2022, that seems to confirm that the openspf.org API call used by SpamAssassin to create that message no longer refers to a reliably working API. But the response to that ticket is "Won't Fix". According to that ticket, the text for the API call comes from code that was contributed or imported from another project and they don't want to take on the task of maintaining this other email project...or something:

Digging further, I found that the message that contains the openspf.org URL comes directly from Mail::SPF code, which was contributed to CPAN by the same person who set up the openspf.org site. The module hasn't been updated since before the site and the maintainer disappeared.
I think this is a minor issue that we can just ignore. Fixing it would require either taking over maintenance of Mail::SPF on CPAN, or kludging an edit of the return message that it sends. I'm going to just close this as a WONTFIX.

See:

7746 – Mail::SPF returns apparently defunct explanation URL for SPF failures

bz.apache.org

I'm surprised I haven't run into this in the past couple years. Maybe the old domain is sometimes functioning at some level still. Or maybe I just haven't had too many SPF failures in the past while since my servers are always running with correct SPF configurations!

For anyone arriving at this thread looking for a solution, you should be able to manually replace "openspf.org" with "open-spf.org" in the URL with paramters provided in the X-Spam-Report for SPF Fail and then pull up the intended result there. Additional details for the configuration of Why/API calls to open-spf.org are available here (though you still have to replace "openspf" with "open-spf" in their examples, since the open-spf.org site doesn't relfect the new URL either!:

SPF: Why/API