Domain Anti Forgery boils down to the Sender Policy Framework (SPF) settings for any domain name.

Domains do not relay email, IP numbers do.

SPF is a list of IP numbers that may relay emails as a domain name.

Many small, hobby or test domain names are incorrectly configured or not configured at all. These domains allow any IP number on the planet to relay email as that domain name.

To add SPF to your domain name, simply EDIT your DNS Zone (or ask your IT person) and ADD a TXT record, similar to this:

      IN TXT “v=spf1 +a +mx  -all”

The above example simply means that any server defined as your receiving email server as well as the A record for your domain name may also transmit email as your domain.

The -all is VERY IMPORTANT as this tells the world that any email not from your =mx IS NOT YOUR DOMAIN!

You can also add additional IP numbers by simply adding: +ip4:(Insert_Number_Here)  to the TXT record before the -all  (You can also add entire IP ranges, as /24 or /20 or /16)

Also see :

Email Sending Servers


Email Receiving Servers

Read the entire RFC here