Sender Policy Framework (SPF) is used to indicate to mail exchanges which hosts are authorized to send mail for a domain. In simple word SPF is a security mechanism created to prevent the bad guys from sending email in your behalf. This mechanism is all about communication between DNS servers.
For Example, lets say you have sent an email to Neo. But how does Neo’s DNS server know what that the email was in fact sent by you? It does not really. Unless you have SPF set on your DNS server.
SPF record defines which IP address can be used to send emails from your domain.
Lets see two possible server conversations to understand it easily, suppose your name is John.
Situation 1 :- If you do not have SPF record set up
John’s server : Hey Neo’s server. I have got a new message from John.
Neo’s server : Hi John’s server. What is your SPF?
John’s server : Who cares about SPF. I do not have one. Trust me, it’s from John.
Neo’s server : If you do not have SPF, I can not be sure it was John who sent this. Please give me mike’s allowed IPs so can compare it with yours.
John’s server : I do not have the list of John’s allowed IPs.
Neo’s server : Then sorry, I don’t want your message. Delivery denied.
Situation 2 :- If you have SPF set up
Neo’s server : Hi, John’s server. I have got a new message from Neo.
John’s server : Hi Neo’s server. What is your SPF?
Neo’s server : There you go, here’s my SPF. There’s a whole list of IPs that Neo himself declared as the ones which can be used on his behalf.
John’s server : OK, let me see and the message you have for me is sent from IP 18.104.22.168. Hmm Ok, It is on the list. Now everything looks fine. Give the message, I will show it to John. Thanks!
My apologies to all tech guys. Please forgive me for above dummies. I was just trying to make it simple.