SPF is a system designed to validate e-mail (described in RFC 4408) and prevent spam and spoofing. This is done by verifying the IP-address of the sender. This is done via posts in the DNS server that serves the domain. In my case I’ve added two posts in my DNS.

$ORIGIN nickebo.net.
TXT "v=spf1 a mx -all"
SPF "v=spf1 a mx -all"

These two posts tells any SMTP server receiving mail from any-e-mail-address@nickebo.net that the only servers that should be allowed to send from nickebo.net are the ones listed as A posts or MX posts in my forward lookup zone.

How does this prevent spam? Well, it doesn’t, but it stops some forgeries of the senders address. It also lessens the risk that spammers will do forgeries acting as a user in your domain. Since the receiving server checks the mail and rejects it if it’s forged it’s pointless for the spammers to try to mail from your domain.