Creating an SPF (Sender Policy Framework) record helps prevent other servers from spoofing your email address and also helps other servers determine whether or not your messages are spam. However, without widespread use of SPF at the moment, the latter isn’t very effective.
SPF Records use reverse DNS to check if a sending email address is valid. For example, if you see an email from firstname.lastname@example.org it may or may not be from me. A server will perform a reverse DNS check for iishacks.com to see if the sending machine is authorized to send that message. If the SPF Record is on my server and I authorize only my server to send messages from IISHacks, then only messages sent from email@example.com from my server will show up as valid.
More and more email servers are using SPF records as a way to sort and rank possible spam. If a sending server does not have an SPF record or is not an authorized sender of a server with an SPF record, some email servers will flag that message as spam or else reject it completely. Large email hosting companies are already incorporating SPF as a spam tool.
If you host your own email server but your DNS/MX records are hosted somewhere else (ex. Godaddy) you can login to their administrative panel and follow their steps to create and publish an SPF record. If you host your own DNS you can follow the steps at openspf.org to create a valid SPF record and then follow the steps below to implement it into your Windows server.
Go to Start –> Programs –> Administrative Tools –> DNS
Expand the DNS tree, under Forward Lookup Zones select the domain you wish to create an SPF record for. In the white space, Right-Click and select Other New Records…
Select Text (TXT) in the Resource Record Type dialog box, click Create Record…
Type in the SPF record data in the Text: area, click OK. Reference the openspf.org wizard to create the SPF data.