Your SPF record ends in "+all", which tells the world that ANY server is allowed to send email as your domain. That removes the protection SPF is supposed to give — anyone can impersonate your address and your real mail gets no deliverability benefit.
Pro tip: Start with "~all" rather than jumping straight to "-all". If you have a sender you forgot to list, "~all" still lets that mail through (flagged) instead of bouncing it outright, giving you a safety margin while you verify.
SiteSprout scans your site, tells you which issues you actually have in plain English, and keeps watch so nothing breaks silently.
Scan your site free