That's another good use of it. I don't whitelist at the mail server level so I didn't think
As for punishing people with bad setups. Yes!
Admins are already punished for running open relays, not having reverse DNS records, firewall
blocking their sending SMTP servers and many other things. If they publish a SPF record, it
had better be correct.