Sender Policy Framework, or SPF, is an authentication protocol whereby a mail server will check the SPF records for any domain it receives mail from against the IP address that the message is being transmitted from. If the sending domain has published SPF records, and the IP address(es) listed for the domain on those records does not match the IP that the email is coming from, it will reject that mail as forged.
Of course, with our inbound filtering in place, all mail appears to be coming from our IP addresses, rather than from the actual IPs of the sending domains. Since only a small percentage of domains publish SPF records, this issue only surfaces with some sending domains, but the potential impact is that any incoming message being sent by an SPF-publishing domain may be rejected.
If your mail server or server-based anti-spam software uses SPF, you should enable SPF support in our filtering service, to avoid the potential problem described above.