# *Restrict your "sending" SMTP server to only work on your network. ISPs commonly do this. This doesn't work very well if you have mobile clients (laptops, phones) which are not always connected to your ISPs network.# *Use SASL or some other means of checking that the person trying to use the SMTP server has a valid user on the system. This way only your users will be able to use your server to relay email.

SPF uses DNS to publish a list of server IP addresses that are allowed to send email for your domain. That In this way , a receiving server can check whether the sending server is authorized (i.e. message is likely not spam) or not (i.e. message is probably spam).

SPF is a pretty cool system, but it's not perfect. It works very well for single servers but if you send mail for your domain from multiple servers (and perhaps a varying number of them) - , you have are required to put in wildcards use wild-cards which lower reduce the effectiveness of this system.