Deployment
Anti-spam software such as SpamAssassin version 3.0.0 and ASSP implement SPF. Many mail transfer agents (MTAs) support SPF directly such as Courier, CommuniGate Pro, Wildcat, MDaemon, and Microsoft Exchange, or have patches/plug-ins available that support SPF, including Postfix, Sendmail, Exim, and qmail. More than one million domains publish SPF FAIL -all policies.
In August 2005 it was learned that EarthLink would refuse to allow hosted domains the ability to enter SPF records.
In a survey published in 2007, 5% of the .com and .net domains had some kind of SPF policy. In 2009, a continuous survey run at Nokia Research reports that 51% of the tested domains specify an SPF policy. These results can include trivial policies like v=spf1 ?all. In April 2007, BITS, a division of the Financial Services Roundtable, published e-mail security recommendations for its members including SPF deployment.
In 2008, the Messaging Anti-Abuse Working Group (MAAWG) published a paper about email-authentication covering SPF, Sender ID, and DKIM. In their "Sender Best Communication Practices" the MAAWG stated: "At the very least, senders should incorporate SPF records for their mailing domains".
Read more about this topic: Sender Policy Framework