Sender Policy Framework.
We use our drupal sites to send out a lot of mail as we organise symposiums for scientific organisations.
However, with alarming frequency, our mail has been 'bounced' back to us, mainly from universities and research institutes.
This is very worrying and annoying and has introduced us to "Sender Policy Framework"
Here are some examples of bounced mail messages:


178.xxx.xx.xxx does not like recipient.
Remote host said: 554 5.7.1 Service unavailable; Client host [188.xxx.xx.xxx] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=188.xxx.xx.xxx
Giving up on 178.xxx.xx.xxx.

Hi. This is the qmail-send program at n1nlvphout01.shr.prod.xxxx.xxxxxxxxxx.net.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<joe.bloggs@uni.se>:
193.xx.xxx.xx does not like recipient.
Remote host said: 550 5.7.1 Recipient not authorized, your IP has been found on a block list
Giving up on 193.xx.xxx.xx.

178.xxx.xx.xxx does not like recipient.
Remote host said: 554 5.7.1 Service unavailable; Client host [188.xxx.xx.xxx] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=188.xxx.xx.xxc
Giving up on 178.xxx.xx.xxx.

In the DNS settings of the affected website(s) there is a TXT line which reads
"v=spf1 +a +mx -all" 
which is the sites' Sender Policy Framework statement.
I found out after a lot of research, that this statement did not include the fact that the mail was sent from a seperate mail server ( I rent a virtual server) so the IP address of the website did not correspond to that of the mail server, and this was causing the problem.
I fixed it eventually by the following:
"v=spf1 +a +mx include: 188.xxx.xx.aaa include: 188.xxx.xx.bbb -all"

( the 188 addresses being the two IP addresses of the mail server)

Hope this is of interest to anybody out there wondering why their legitimate mail is being labelled as spam from a botnet!