Is there anyway you could get away from the catch all e-mail address? i.e. add a large set of relevant e-mails and forward them appropriately? This will help in 2 ways, as the receiving host can then recognize invalid e-mail addresses and simply ignore them and also you won't get the untargeted spam....
SPF will only help if your receiving party use SPF checking but still that dont mean you will NOT get the DFN,
SPF is used by server to check if the sending server is the valid server to send mail, but there are not much servers that simply block the email if SPF fail. still if your domain is the FROM domain, if the spamers email fail to send if will bounce back to your servers.
good ida would be NOT to use catch-all, only use the emails you need to use or mail fwd to one account but only email address you use.