Sender Policy Framework (SPF) is a type of DNS record created to help stop Spam. A lot of anti-spam filters include a filter to look for SPF records and if they are forged, block the messages. The easiest way to describe SPF is to call it a reverse MX record.

To create an SPF record on a Windows DNS server is pretty easy, and if you run BIND, its just as easy. Open up the DNS Management MMC and drill down to your Forward Lookup Zone. Right-click and select Other New Records.

From the list of available resource record types, select Text (TXT) and then click Create Record.

Enter the following text into the Text field:

v=spf MX -all

Click Ok when you are done and the SPF record will be created.

Now you might be asking what the hell that means :) Well........      

• v=spf identifies the record as a SPF record      
• MX specifies that all MX records can send from this domain
• -all SPF queries that do not match will fail, however depending on the recipients filtering rules, it may still get filtered.      
• - ~all SPF queries that do not match will "soft fail" and depending on your rules may or may not get filtered

Now, most admins I know don't use Windows DNS for their external records. I for one have my external DNS hosted with my domain registrar and they use BIND. If you are using BIND for your external DNS enter the following to create an SPF record.

domain.tld. IN TXT "v=spf1 mx ~all"

For more information see:

Exchange Server and Sender Policy Framework SPF Record Creation Wizard