SPF for drupal.org doesn't include servers that send email confirmations (osuosl.org)

Hey there,

I've just added a new email address to my account and found out that the confirmation email gets greylisted by my server. This is because the server(s) sending the confirmation emails are not included in the drupal.org SPF record.

current SPF:

$ dig +short drupal.org txt
"v=spf1 include:servers.mcsv.net ?all"

Log lines (email addresses anonymized) that show postfix receiving the email:

Apr 22 15:47:36 pshum postfix/smtpd[25596]: connect from hemlock.osuosl.org[140.211.166.133]
Apr 22 15:47:37 pshum milter-greylist: (unknown id): addr hemlock.osuosl.org[140.211.166.133] from =lelutin.ca@drupal.org> to <someone@somewhere.tld> delayed for
 00:14:35 (ACL 164)
Apr 22 15:47:37 pshum postfix/smtpd[25596]: NOQUEUE: milter-reject: RCPT from hemlock.osuosl.org[140.211.166.133]: 451 4.7.1 Greylisting in action, please com
e back later; from=<bounces+someone=somewhere.tld@drupal.org> to=<someone@somewhere.tld> proto=ESMTP helo=<hemlock.osuosl.org>
Apr 22 15:47:37 pshum postfix/smtpd[25596]: disconnect from hemlock.osuosl.org[140.211.166.133]

Email is finally delivered, albeit with a delay. So the issue does not have a very high impact. It might help the domain's reputation to make the hosts verifiable through the SPF though.

I'd suggest you add the relevant hosts or add some "include:osuosl.org" part in the SPF, or what should be relevant to this case.