SPF (Sender Policy Framework) is a type of DNS record that allows email services to check if an email sent on behalf of your domain is authorized and legitimate. It is as simple as adding a TXT record in your DNS records.
For example, this indicates all your emails are sent from google apps. If any emails are sent outside of google apps, like a custom exchange server, then it is not legitimate.
TXT @ v=spf1 include:_spf.google.com -all
Another common example is AWS SES:
TXT @ v=spf1 include:amazonses.com -all
SPF record could point to an IP Address as well.
TXT @ v=spf1 ip4:10.10.10.10 -all
You can append multiple identities in a single record.
TXT @ v=spf1 ip4:10.10.10.10 include:_spf.google.com -all
To allow only your domain MX to send an email, add a record like the following:
TXT @ v=spf1 mx -all
If your domain sends no email at all, you can add a record like this:
TXT @ v=spf1 -all
Reference available here.