Google Apps offers an excellent email service for businesses, anybody having a domain name can offer firstname.lastname@example.org email accounts with full Gmail features by just changing a few MX record entries in there DNS options and configuring there web-applications to use Google's server for emailing.
To ensure better email delivery rate to user's inbox avoiding chances of being tagged as SPAM, there are systems in place which allows email sending server to verify email origin (a sort of digital signature) and let SPAM categorization algorithms decide whether the email is sent from a fake "From" origin address or a real one.
Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) are two such measures and here is how to set them up for emails originating from Google Apps servers for your domain.
A Sender Policy Framework (SPF) record indicates which mail servers are authorized to send mail for a domain, and since we are using Google to deliver our emails the correct SPF record at your DNS provider would be to create a new TXT record with the value of:
v=spf1 include:_spf.google.com ~all
A DomainKeys Identified Mail (DKIM) record adds a sort of digital signature to all your outgoing emails and recipient servers can perform a check to verify the integrity and origin of email, rejecting the fake ones.
Unlike the SPF record the DKIM key is unique to each sender, to generate and activate your DKIM Key on Google Apps, follow the detailed instructions provide at - http://support.google.com/a/bin/answer.py?hl=en&answer=174124.