We typically do not do a direct mirror of the SPF record, nor do we encourage this as a practice.

Our SPF approach is a service based approach, which translates into a targeted and instant SPF response. The reasons for that are multiple:

1. There are many smaller services that might be using bigger ones under the hood for SPF configuration.

2. You could have deprecated services and IPs in your current SPF record and the Enabled Senders list must only represent the services/IPs you are currently using.

3. Sometimes vendors can give out incorrect info and you do not want to mirror something that is not directly approved by you.

With that said, you can confidently point SPF to Valimail, as any configuration work like adding new services and/or Netblocks can be performed after that as well. This will not cause any email deliverability problems for you, because you are not enforcing DMARC at present time - your DMARC record being p=None.

Related article:

I can't find a sender in the email service provider configuration list