I have been experimenting with a few different spamassassin configurations and finally spam emails are seemingly under control with the exception of spoofed emails from my own domain. I can verify that they are spoofed by looking at the headers, also our logs do not show any unusual authentications so I believe the network has not been compromised. So how can I block spoofed emails?