What is SPF?

Written by Jahangir on November 1, 2008 – 4:42 am -

What is SPF? [Sender Policy Framework]
SPF (Sender Policy Framework) is a standard created to stop forged or spoofed sender email addresses in the mail envelope (the SMTP MAIL FROM, or Return-Path) that are commonly used in spam messages. SPF is not directly about stopping spam (junk email). It works as an extension to the Simple Mail Transfer Protocol (SMTP) and allows a relaying MTA (Mail Transport Agent) to identify and reject spam email sent from unauthorized and unapproved mail servers. SPF was created in 2003 to help close loopholes in email delivery systems that allow spammers to “spoof” or steal your email address to send hundreds, thousands or even millions of emails illicitly.

How Does SPF Work?
With SPF, the owner of an Internet domain name defines SPF records, using a special format of TXT record, in the domain's zone on its DNS name server. The SPF record specifies which machines are authorized to transmit e-mail for that domain. When a mail server receives an email, the MTA queries the SPF records through its DNS resolver to determine whether the email originated from a legitimate server. If an SPF PASS result is returned, the email is accepted and delivered. If an SPF FAIL result is returned, the email is rejected and bounced.

Is SPF a Must?
SPF records are not mandatory, but it is a good idea to set them up to stop spammers from illegally spoofing your domain. If your domain does not have an SPF record, spammers can easily send out e-mail that looks like it came from your domain, which can make your domain look bad (if the recipient thinks you really sent it) and can cost you money (when people complain to you, rather than the spammer).
Many mail servers, such as AOL and Hotmail, now require a valid SPF record for inclusion in their whitelist programs, so if you don’t have one your email will probably not be delivered to those servers.

How to Set Up an SPF Record for a Domain?
The major issue with SPF records is how to write a record that is valid and correct for the domain, as every SMTP server that sends email for the domain must be defined.

For SPF to work, you have to add to each DNS zone a record similar to this:

domain.com. 14400 IN TXT "v=spf1 a mx -all"

Note: the trailing “.” after “domain.com” is necessary, otherwise SPF fails to work (in a zone file, a name without the trailing dot is treated as relative to the zone origin).
“domain.com” is the domain for which you are adding the SPF record.
The syntax used is as follows:
You will notice that all SPF records start with v=spf1. “v=” defines the version of SPF used, and is mandatory to identify the record as an SPF record. Currently the only version supported is spf1.
A :- If the domain name has an A record corresponding to the sender’s address, it will match. (That is, the mail comes directly from the domain name.)
MX :- If the domain name has an MX record resolving to the sender’s address, it will match. (That is, the mail comes from one of the domain’s mail servers.)
ALL :- Always matches. It is used for a default result, such as -all, meaning no other IPs are allowed to send email.
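
As an added example (not code from the original post), the following Python code evaluates the a, mx and all mechanisms described above the way a receiving MTA would, including the qualifier in front of each term. The ZONE table, its IP addresses, the relaxed.example domain and the function names are assumptions constructed for illustration; a real MTA would query DNS instead.

```python
import ipaddress

# Constructed zone data standing in for DNS answers (documentation IP ranges).
ZONE = {
    ("domain.com", "TXT"): ["v=spf1 a mx -all"],
    ("domain.com", "A"): ["192.0.2.10"],
    ("domain.com", "MX"): ["mail.domain.com"],
    ("mail.domain.com", "A"): ["192.0.2.25"],
    ("relaxed.example", "TXT"): ["v=spf1 mx ~all"],   # constructed second domain
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def lookup(name, rtype):
    """Hypothetical resolver: reads the constructed ZONE table, not real DNS."""
    return ZONE.get((name.rstrip(".").lower(), rtype), [])


def check_spf(sender_ip, mail_from_domain):
    """Evaluate a, mx and all for the envelope MAIL FROM domain."""
    ip = ipaddress.ip_address(sender_ip)
    records = [t for t in lookup(mail_from_domain, "TXT")
               if t.lower().split()[:1] == ["v=spf1"]]
    if not records:
        return "none"            # the domain publishes no SPF policy
    if len(records) > 1:
        return "permerror"       # more than one SPF record is an error
    for term in records[0].split()[1:]:
        qualifier = term[0] if term[0] in QUALIFIERS else "+"   # "+" is the default
        mechanism = term.lstrip("+-~?").lower()
        if mechanism == "all":
            return QUALIFIERS[qualifier]     # always matches: the default result
        if mechanism == "a":
            allowed = lookup(mail_from_domain, "A")
        elif mechanism == "mx":
            allowed = [addr for host in lookup(mail_from_domain, "MX")
                       for addr in lookup(host, "A")]
        else:
            raise ValueError(f"mechanism not handled in this example: {term}")
        if any(ip == ipaddress.ip_address(addr) for addr in allowed):
            return QUALIFIERS[qualifier]     # first matching mechanism decides
    return "neutral"             # nothing matched and there was no "all" term
```

Terms are evaluated left to right and the first match wins, which is why the all term belongs at the end of the record.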

You can read all the options that you have by visiting: http://www.openspf.org/SPF_Record_Syntax

