I disagree with this opnion. There is a lot of providers which send mails from domains that don’t exist ( for example: autoresponder@noreply.example.com , where noreply.example.org don’t exist ). I have to check logs and put exceptions for this all the time.
However, with a explicit wildcard SPF record, you are explicitly saying the policy for a domain.However, I do not recommend “v=spf1 -all”. Better with something like: "v=spf1 +mx:<BASE_DOMAIN> -all"
For example:
*.sebbe.eu IN TXT “v=spf1 +mx:sebbe.eu -all”
This explicitly sets the policy that your mailservers at MX = sebbe.eu is permitted, thus a SPF validation system will not interpret this as a misconfiguration, which “v=spf1 +all” or “v=spf1 -all” might be.
(Some SPF validators have hardcoded values what should be treated as an misconfiguration)