Short explanation of SPF
What is SPF and what is it used for?
SPF stands for Sender Policy Framework and it protects domain owners and users from receiving mails from a mail server which isn't allowed to send for a domain. It works like this: When a mail server receives a transmition of an email it sees from which domain it is from. If there is a mail from firstname.lastname@example.org, then the domain is example.com. Now the receiving mail server checks the DNS (Domain Name System) for a record saying that the sending server is allowed to send the email for this domain. If it is allowed to send email for that domain, the receiving mail server accepts the mail. If it is not allowed then the mail is discarded or at least gets a higher spam score.
A SPF record might look like this:
microschrott.com. 600 IN TXT "v=spf1 +a +ip4:126.96.36.199/24 +mx -all"
It says that mail for the domain microschrott.com are beeing sent from the subnet 188.8.131.52/24 and the receiving mail server (mx) is allowed to send mail, too. Other IPs are denied.
The result: only the domain owner or the mail servers which were permitted are allowed to send mails for a domain with a SPF record.
This is not a technique against spam or phishing in general, but it plays a role in spam and phishing mail reduction.