Back in the old days of the internet there was much less automated bad-behavior. Not-a-days scams and spam are inexcapable. So things have evolved and changed to adapt.
SPF is Sender Proof verification… which means the receiving server checks a DNS record to see if it’s supposed to get a message from that sending sender.
Example: Server A sends a message to an email address. That email address lives at server B. When server B gets the email, it’ll scan the meta-data and the header info and see where the message came from. Then it’ll ping the DNS for that domain; is there an SPF record? And what server does it white-list to send messages through that domain?
If the SPF record calls out the sending server in the record… (in our example “server A”) then the message checks out and gets delivered without being suspected of spam or spoofing.
If there’s no SPF or if the sending server is not called out then the message gets marked as suspicious.
All the SPF records start with v=spf1 and all of them end with either ~all or -all.
You can’t have more than 1 spf record on your specific domain or subdomain; however you can sand which or stack multiple records into a single run-on sentence.
This will allow your email inbox server and your hosting server (and your email marketing server) to send messages out on behalf of your domain.
With more and more security issues and hacking going on the newest protocols are DKIM and DMARK records which bind the domain to the hosting as well as the email server directly with binding keys.