Sender Policy Framework (SPF) records allow domain owners to specify which hosts are permitted to send email on behalf of their domains. Normal SMTP allows any computer to send an email claiming to be from anyone. Thus, it's easy for spammers to send emails with forged From: addresses. SPF allows a domain owner to use a special format of DNS TXT records to specify which machines or hosts are authorized to transmit email for their domain; this makes it difficult to forge From: addresses.
For example, if you own the domain example.com, you can designate which hosts are authorized to send email originating from user@example.com. Your recipient's servers will then identify the origin of your message by checking the SPF record.
If you're using Google Apps services, we strongly encourage you to publish SPF records for your domain. Having these records in place will ensure that messages sent from users in your domain are not rejected by the recipient's domain.
To set your domain's SPF record, you should have access to your domain's DNS settings. On your DNS resource, publish the following TXT record: v=spf1 include:aspmx.googlemail.com ~all
Note: Publishing an SPF record that lacks include:aspmx.googlemail.com or specifying -all instead of ~all may result in delivery problems.
For more information on SPF records, please contact your domain host.
If you choose to activate the Postini features in Google Apps Premier Edition and configure Google Apps to route email to the internet via Postini's servers, we suggest that you use this configuration: yourdomain.com. IN TXT "v=spf1 ip4:207.126.144.0/20 ip4:64.18.0.0/20 ip4:74.125.148.0/22 include:_spf.google.com ~all"
Source: http://www.google.com/support/a/bin/answer.py?hl=en&answer=33786
