The idea is that you specify from what domains you send e-mails. This is published to any server that tries to send e-mails to your mailserver. If the from doesn't match the domain you specify, then it will be rejected. You can find more information on the spf record structure here:
The example below sets that the domain is maaloe.com and my mail provider surf-town.net is added as include since i send my mails via their servers.
v=spf1 v=spf1 a:maaloe.com include:spf.surf-town.net -all
Once you have set up the SPF record you can test it here.