Take these steps if your Domain Spoof Test shows failure
If you have failed a Domain Spoof Test, there are a few steps you can take to secure your domain. Primarily you will want to implement and verify SPF.
First, you will want to navigate to the openspf site for the correct instructions on SPF itself: www.openspf.org.
Once you have implemented SPF you can verify your implementation here: https://www.kitterman.com/spf/validate.html
If you use Exchange, here are instructions on how to delete emails that are spoofed from within your own domain.
Microsoft added this to Exchange 2003 SP2, but they call it "Sender ID". Here's the blog post where it is introduced: https://blogs.technet.com/b/exchange/archive/2005/10/13/412487.aspx
Here are instructions for configuring Sender ID in various versions of Exchange:
Exchange 2010 & 2013:
Exchange 2013, 2016 & Office 365
Sender Authentication: https://campus.barracuda.com/product/emailsecuritygateway/doc/3866643/sender-authentication