SPF is the abbreviation for Sender Policy Framework. SPF is used for outgoing email (emails sent from your email system to some recipient) to allow or deny the outgoing email based on certain rules, to prevent email spoofing.

SPF can be helpful in ensuring your domain does not get black listed, which ultimately is helpful in ensuring emails sent from your domain get delivered to recipients inbox.

You will probably also want to enable DKIM (DomainKeys Identified Mail). Check out my article Docker mailserver enable DKIM.

To enable SPF, you will add the following MX and TXT record to the DNS server that resolves your Docker mailserver hostname. In this example, the records are for mailserver with hostname mail.example.com.

mail         IN     MX    1 mail.example.com.
example.com. IN    TXT    "v=spf1 mx ~all"

Or like this. The include directive is used to specify the domain (example.com) that email can be sent from.

mail         IN     MX    1 mail.example.com.
example.com. IN    TXT    "v=spf1 a mx include:example.com ~all"

The dig command can then be used to see if DNS contains SPF.

~]$ dig mail.example.com txt

;; ANSWER SECTION
example.com.      86400   IN      TXT     "v=spf1 mx ~all"