SPF record for Exchange 2010

Hi,
I want to install/create an SPF record for my domain -- let's see it mydomain.com. I also have another domain on that mail server, let's call it mydomain2.com.  
I'm noticing that some mail from outside hosts(outlook.com)  are going directly into my users junkmail folder, and the message in the headers of these say:
received-spf: None (protection.outlook.com: mydomain.com does not designate permitted sender hosts

I found a wizard out there that creates SPF records but I'm not 100% clear on all of the questions it's asking.
In particular these three:
1. Enter any IP addresses in CIDR format for netblocks that originate or relay mail for this domain
(space separated, for a single IP address use /32, i.e. 192.168.1.14/32)
       
2.Enter any other hosts which can send or relay mail for this domain
(space separated)
       
3. Enter hostnames for any remote spf records to include
(ex. include:_spf.google.com, space separated)

Can someone help me with these questions or point me to a good generic SPF example file.

Last, if I mess up the SPF file and don't put in all the correct data, what's the worst that can happen?  Can it cripple my mail server?
Thanks
Nacht
LVL 1
nachtmskAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

carlmdCommented:
The SPF records define what mail server by ip address is allowed to send mail for a given domain.

Typically you would put the WAN ip address of your mail server (or firewall if the default gateway) in the record for each domain.

For example, your spf record might look like the following.

v=spf1 ip4:71.170.24.64 ip4:71.170.24.63 -all

This says that these two ip addresses are allowed to send mail for the given domain. Since the spf record goes on your ISP's resolution for your domain, there is no domain name in the actual record.

There is a lot of additional information here if you need it:
                         http://www.openspf.org/
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
DNS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.