Fake sender spoofing local domain

[John Glorioso <jg...@zitego.com>]

I am running several virtual hosts on my James server and have recently
become aware of spam/virus emails arriving to addresses on the server that
are spoofing the Return-Path and From headers. Ex: legitimate destination
address "john@foo.com" getting email from non existent (or possibly real if
they are lucky guessers) "somejerk@foo.com". I have recently started using
spamd and Josh Parreco's spamassassin mailet and have found his
SenderHostIsNotLocal matcher to be insufficient to identify that the sender
is fake because it simply checks to see if foo.com is a local address. I
have modified James to view my configured virtual hosts as local. That being
the case, I would like to force an additional check that looks at the
sending server to see if it is one of ours or not. In that case, if the from
user was not legit I could ghost the message or whatever I decide to do with
it. I have found the "RemoteAddrNotInNetwork" matcher and assume I could
setup another processor block to check all of these conditions, but I wanted
to make sure that I am not overlooking some other matcher that already does
any of this. Please let me know if I am not being clear on the problem.
Thanks in advance for advice.