Obviously my own mail servers should be marked as "allow" in an SPF record, but I'm not so sure about mail relays (e.g. my ISP). Since other people (not related at all with my server) also send email through the same relay, it seems to me the most appropriate choice would be listing the relays as "neutral" like:
v=spf1 ip4:myserverip ?include:_spf.myisp.com -all
Is this common practice? Or is there some better option?
The best practice is for an organization to add to SPF all email hosts authorized to send email on behalf of their domain.
Usually that includes your local servers and the hosts you trust to do relay work on your behalf. Failing to include those relays will impact mail delivery that happens through those hosts.
Deciding if those relays are trustworthy or not, and if the deliver risks are acceptable is up to you of course.
As an example, Google Apps customers are recommended to use include:_spf.google.com in their SPF records to authorize Gmail servers on their behalf.
