SPF (Sender Policy Framework) is an email protection mechanism that specifies which servers are allowed to send mail on behalf of a domain. The list of these servers is published in DNS inside a special TXT record, so the recipient can verify the authenticity of the sender.
When a mail server receives a message, it looks at the sender's domain, requests its SPF record from DNS and compares the IP address of the sending server against the list of allowed ones. If the address is on the list, the message passes the check; if not, it lands in spam or is rejected. An example record: v=spf1 include:_spf.google.com ~all.
Without SPF, an attacker can forge the sender's address and send messages supposedly coming from your domain. SPF closes this hole:
SPF is a simple but important step in protecting the reputation of a domain and its owner.