An extension of SMTP which stops email spammers from forging the "From" fields in an e-mail. Due to SMTP itself does not have the mechanism to authenticate, SPF provides the authentication scheme by specifying which computers are authorized to send email from a specific domain.
To use SPF, the domain sending e-mails must establish an SPF record that is published in DNS records. When e-mail passes through the DNS server, it is compared to the SPF record for that domain to determine if the sender is authorized to send e-mails from that sender's address. If the e-mail comes from a domain that is not authorized, the DNS server will not forward the e-mail to the expected destination.
SPF only stops the spammer from forging the "From" field in the e-mail
and does not stop the spammer from sending e-mails from a domain in which it is a member.
and does not stop the spammer from sending e-mails from a domain in which it is a member.