The Sender Policy Framework (SPF) is an email-authentication technique which is used to prevent spammers from sending messages on behalf of your domain.  It is an authentication protocol which verifies the MAIL FROM or HELO/EHLO identities during email transmission. 


SPF does this by comparing the sending server’s IP address to a list of authorised senders. The authorised senders are the IP addresses which are allowed to send on behalf of the sending domain. They are specified in a TXT record which is published in the domain owner’s DNS.


If the receiving end supports SPF, then, upon receipt of an email it checks if the sending IP address is authorised to send on behalf of the domain and if is not in that list SPF authentication will fail. 


SPF is one of the authentication techniques on which DMARC is based. DMARC uses the result of the SPF checks and add a check on the alignment of the domains to determine its results. 


DMARC uses both SPF and DKIM