Add an SPF record for the listserv

Recently, Gmail has started to rate-limit deliveries from our
mailing list server, with this message:

    SMTP error from remote mail server after end of data: This mail
    has been rate limited because it is unauthenticated. Gmail
    requires all senders to authenticate with either SPF or DKIM.

According to https://support.google.com/mail/answer/81126 also:

    Starting February 2024, Gmail will require the following for
    senders who send 5,000 or more messages a day to Gmail accounts:
    Authenticate outgoing email, avoid sending unwanted or
    unsolicited email, and make it easy for recipients to
    unsubscribe.

In order not to place undue additional load on our MTA's deferral
queue, adding a neutral SPF rule is nicer than unsubscribing and
blocking all Gmail users. A simple "a" rule should suffice, since we
don't relay through any smarthost currently. Set the TTL to 5
minutes for now, in case we need to make rapid adjustments to this
policy in the near future.

Change-Id: Ifc4a58e90ee6652cc65ed04ce619ac9b4f1b05a3

zones/opendev.org/zone.db

@@ -2,7 +2,7 @@
 $ORIGIN opendev.org.
 $TTL 1h
 @			IN	SOA	adns02.opendev.org. hostmaster.opendev.org. (
-				1701192950  ; serial number unixtime
+				1701799797  ; serial number unixtime
 				1h          ; refresh (secondary checks for updates)
 				10m         ; retry   (secondary retries failed axfr)
 				10d         ; expire  (secondary ends serving old data)
@@ -290,6 +290,7 @@ _acme-challenge.keycloak	IN	CNAME	acme.opendev.org.
 ; We use address records for lists01 here instead of a CNAME
 lists			IN	A	162.209.78.70
 lists			IN	AAAA	2001:4800:7813:516:be76:4eff:fe04:5423
+lists		300	IN	TXT	"v=spf1 a ?all"
 _acme-challenge.lists	IN	CNAME	acme.opendev.org.
 
 lists01			IN	A	162.209.78.70