I have
First you need to know why it's beneficial to have one (apart from the wishes of certain spam checkers). All it is, is a DNS record which doesn't just map a IP to a name. Your email address carries with a MX record --- otherwise it wouldn't be an email address! That MX record tells SMTP server where any email sent to that address is headed. Technically, anybody could send an email from your address because SMTP is a stupidly dumb protocol and cannot really verify who's sending the email. Wait... it can -- that's what SPF is for.
SPF essentially is nothing more than a "list" of locations you can send email from using that domain name in your address. So if you are
joe@bloggs.com you might decided the only place you can send email from that address is 1.2.3.4. However, you may decide that you can send it from any other A record at bloggs.com, or maybe that you can use gmail's smtp servers to send email from that address.
SPF provides this list, but it's not concrete. Some servers will check the SPF record, others will not. Even ones that check the SPF record and realise someone's sending email from the wrong location may ignore the fact and process the mail anyway. You can set the severity of failures in the record itself.
If you don't have direct access to your zone files you're going to struggle to set a SPF record up since most web-page DNS setting forms only allow MX, A and CNAME records but you need a TXT record.
When you understand that SPF is nothing more than a valid list of locations it becomes extremely simple. You create the record as TXT, specify v=spf1, list all the locations then set the severity.
The specific syntax is explained in the documentation but here's mine for example:
Code: Select all
@ IN TXT "v=spf1 ip4:82.7.254.40/24 ip4:213.205.138.154 mx a -all"
That says:
* This is a SPF record
* I can send from my ISP
* I can send from My workplace
* I can send from the MX server of the domain
* I can send from the A record of the domain
* Anything else should fail, harshly.
How strict do you want to be? I can help you create the record if you only want it to comply with hotmail's spam filters.