Simply put, they are DNS records of type TXT. If it's your first time hearing about them, it's probably because Gmail began requiring them. If you have a mixed setup and just need to make it work fast, go to the guide at the bottom of the page.

In grog terms:

SPF - Who can send your mail?

This TXT record contains the IPs or domains that can send email on your behalf. Here's an example of this record: mysite.com. IN TXT "v=spf1 include:_spf.google.com include:_spf.microsoft.com ip4:203.0.113.0/24 -all". Note that -all (hard fail) and ~all (soft fail) change the suggestion for what to do if the mail doesn't pass the requirements, but ultimately it is for the receiver to decide.

DMARC - What to do with rejects?

It's a policy of what to do with rejected/quarantined mail and a good monitoring option. A typical DMARC record looks like this: _dmarc.example.com. IN TXT "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com; ruf=mailto:forensics@example.com; pct=100; sp=reject". It tells the receiver to send data about rejected emails to forensics (contents and data) and send statistics to reports (x mails were sent from x.x.x.x IP).

DKIM - Encryption!

How to set up DKIM for:

  1. In your email manager (SMTP client, DirectAdmin, cPanel), create a DKIM key pair. DirectAdmin stores it in
    /etc/dkim.keys
  2. In your DNS manager, add the record

It should look something like this: v=DKIM1; p=76E629F05F709EF665853333EEC3F5ADE69A2362BECE40658267AB2FC3CB6CBE

How to set up SPF

This one is straightforward. Go to your DNS provider and add a TXT record formatted like this:
v=spf1 include:_spf.google.com include:_spf.microsoft.com ip4:203.0.113.0/24 -all

  1. SPF version
  2. allowed domains and IPs
  3. hard (-) vs soft (~) fail - suggest block or maybe block (it's up to the email provider to decide)
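
The three parts listed above can be checked mechanically before the record is published. The Python below is an added example, not code from the original post: the function name parse_spf and its warning texts are assumptions of this example, and it counts only the DNS lookups visible in the record itself (lookups inside an included domain need real DNS queries).

```python
import ipaddress

# Qualifier prefixes (RFC 7208) and the result each one asks the receiver to report.
QUALIFIERS = {"+": "pass", "-": "fail (hard)", "~": "softfail", "?": "neutral"}
# Terms that cost a DNS lookup; RFC 7208 caps these at 10 per SPF check.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}

# The SPF record used as the example on this page.
PAGE_RECORD = ("v=spf1 include:_spf.google.com include:_spf.microsoft.com "
               "ip4:203.0.113.0/24 -all")


def parse_spf(record):
    """Split an SPF TXT value into version, allowed senders and the 'all' policy."""
    terms = record.strip().strip('"').split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record: it must start with v=spf1")
    result = {"version": terms[0], "senders": [], "all": None,
              "lookups": 0, "warnings": []}
    for term in terms[1:]:
        qualifier = term[0] if term[0] in QUALIFIERS else "+"  # '+' is the default
        body = term.lstrip("+-~?")
        # Term name is whatever precedes ':', '=' or a '/' CIDR suffix.
        name = body.replace("=", ":", 1).split(":", 1)[0].split("/", 1)[0].lower()
        if name in LOOKUP_TERMS:
            result["lookups"] += 1
        if name == "all":
            result["all"] = QUALIFIERS[qualifier]
            if qualifier == "+":
                result["warnings"].append("+all lets any host send as this domain")
            break  # terms written after 'all' are never evaluated
        if name in ("ip4", "ip6"):
            # Raises ValueError when the address or prefix length is malformed.
            ipaddress.ip_network(body.split(":", 1)[1], strict=False)
        result["senders"].append(body)
    has_redirect = any(s.startswith("redirect=") for s in result["senders"])
    if result["all"] is None and not has_redirect:
        result["warnings"].append("no 'all' term: unmatched senders get neutral")
    if result["lookups"] > 10:
        result["warnings"].append("over 10 DNS lookups: receivers return permerror")
    return result


if __name__ == "__main__":
    for key, value in parse_spf(PAGE_RECORD).items():
        print(f"{key}: {value}")
```
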
