If you're setting up a Google Apps account and would like to use the email service from it in a web application or in a way that you'll be sending a lot of emails, whether to one person or many, you'll suffer from email delivery failures.
I've recently moved a company from a dedicated server to another, and that included switching the email service from being on the dedicated server itself, to Google Apps.
After 2 days, their delivery email account was disabled because it was suspected by Google to be a spam account. Re-enabling it was as simple as logging in through the web interface.
Another 2 days pass, and emails started being rejected from delivery and the company's customers weren't receiving confirmation emails. That's very bad.
I've asked in Google's public forum and turns out you have to add Google's SPF records to your domain name's DNS records to avoid such issues.
The bounced emails had the following message:
Delivery to the following recipient failed permanently.
What's annoying is that Google already has a page explaining why you should use SPF records, but it's not linked to the basic setup that explains setting up email exchange (MX) records.
If I'm going to setup the MX records, then I might as well add the SPF records too since I'll be modifying the DNS records! It would've been very helpful to have linked or pointed at the SPF page rather than wait till I face problems, search for its cause & solution then find out!
So what are SPF records?
In a nut shell, they are records that are added to a domain name's DNS zone and they dictate who is authorized to send emails from that domain name.
The Sender Policy Framework is used by both the sender and the receiver to verify that incoming email was sent by the domain it's claiming to have come from.
Setting up the DNS records:
Add the text as Google has shown to the @none field and not to all. See the picture below.
Make sure to type the text as you were told by Google! Some parts may not show in the above picture.