We have some very important email accounts that apparently someone has decided to use for spoofing a few local valid email addresses and sending spam to thousands of European and South American addresses. It results in roughly 68,000 bounced emails every day to each specific valid email address from domains stating that there is no such email address there, box full, etc. Obviously the spammer is using a list and using these email addresses as the "from" field. The email addresses on our server cannot be deleted to bounce these messages as they have too many important items connected and this won't necessarily solve the problem of emails being sent in our direction as a result of the spoofed address. A couple of things we can do but I'm not sure how or if they are possible. I'm looking for suggestions in addition to what I've tried to do. (1) I'm thinking blocking email by originating country would be optimal but not sure if this is possible. (2) Tried entering in the filters If the From or Subject equals "Undeliverable" or other variations then the emails should bounce or be discarded - those filters don't seem to work. (3) There are tons of postmaster emails and not sure if bouncing those is a good idea as the accounts won't get their own postmaster and also whether you could have trouble as a result of bouncing email from other postmaster accounts back at them. I know this is not the first time it has happened and appreciate all assistance from those with experience.