SPF, or Sender Policy Framework (aka Sender ID), fights return-path address forgery and makes it easier to identify spoofed e-mails. This is because domain owners identify all mail servers that send e-mail on their behalf within their DNS entries. Mail servers that receive SMTP e-mail verify the envelope sender address against the information in DNS, and thus can distinguish between authentic messages and forgeries before any message data is transmitted.
You can find more information about SPF at OpenSPF.org.
SPF configuration is a three-step process. First, you have to get the SPF value from your email host. Then, you have to set it up as a DNS entry in your domain host. Finally, you have to test to ensure that everything is working as it should. Here is our step-by-step guide for setting up SPF record in case it might help someone looking for information on how to do it for their own domains:
Our first stop was our email host Gmail, who provided the SPF value on a help page. If you host your own mail, have multiple sub domains, or have other complications and need help creating the SPF value, the SPF Setup Wizard will come in handy.
Next step was to setup the SPF record on DreamHost, our domain host. As any good host would, DreamHost had a wiki page that walked us through the steps of how to add a TXT record to our DNS. Your own host should have this information readily available in their help section. If not, ask them for it.
That (hopefully) brings us to the end of the domain spoofing email adventure chapter. However, it is just a matter of time before spammers find newer ways to harass users which will force us to embark on other similar adventures. Such are the drawbacks of technology that progresses by leaps and bounds.