spf part

Doc/Sdi/mail.xml

@@ -414,9 +414,36 @@
       <section xml:id="sdiSectSpf">
         <title><acronym>SPF</acronym> (optional)</title>
 
-        <para>more Spam prevention techniques like <acronym>DMARC</acronym>,
-        <acronym>DKIM</acronym>, <acronym>DANE</acronym>, Postscreen and other
-        Policy Deamons.</para>
+        <para>Where are plenty of Spam prevention techniques like
+        <acronym>DMARC</acronym>, <acronym>DKIM</acronym>,
+        <acronym>DANE</acronym>, Postscreen and other Policy Deamons (e.g.
+        <link xlink:href="???">policyd-weight</link>). Good Providers use most
+        of them. We can't test all of them in SDI. They help to detect spam
+        but not scam. So if Spammers use meine-dt-bank.de to obtain your
+        PIN/TAN by a scam this mails could also use SPF or DKIM for there
+        domain. So this techniques won't help there. The user is still
+        responsible to detect such scams.</para>
+
+        <para/>
+
+        <itemizedlist>
+          <listitem>
+            <para>Add a SPF (Sender Policy Framework) Record to match mx and a
+            to your DNS for your fantasy domain</para>
+          </listitem>
+
+          <listitem>
+            <para>its a little bit hard to test this. if you want you could
+            try to configure amavis to test for spf and set it to debug so
+            that in the mail.log you'll see what amavis does</para>
+          </listitem>
+
+          <listitem>
+            <para>then send a mail from a mailadresse from your fantasy domain
+            to an emailadresse on your server. your mailserver must use your
+            own dns</para>
+          </listitem>
+        </itemizedlist>
       </section>
     </section>
   </section>