Stop spoofing own URL

We don't utilise DKIM as we find it can block legitimate email. Today, I picked up on a spoof from zac@mydomain.com, who doesn't exist, and I guess my staff would also pickup knowing that we don't have anyone here called Zac. The headers would indicate it came from elsewhere, but my staff wouldn't know how to find the headers. This got me thinking though, can any filters or checks be put in place (other than DKIM) that would check the existance of the account before accepting the mail. ie, zac@mydomain.com doesn't exist, so couldn't possibly send an email.