Spoofing local addresses

Hello, Maybe this was already answered but I couldn't find a solution to my problem. I have shared hosting with several accounts. Lets imagine I have domain.com in my server with SPF and DKIM configured. So now from a remote PC I can telnet port 25 and can send an email with headers from and recipient that exists in the server: Connected to mail.domain.com. Escape character is '^]'. 220-mail.domain.com ESMTP Exim 4.89_1 #1 Sat, 28 Apr 2018 00:47:23 +0100 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. helo mail.com 250 mail.domain.com Hello xxxxxxxxxxxxxx [111.111.111.111] mail from: user@domain.com 250 OK rcpt to: user@domain.com 250 Accepted data 354 Enter message, ending with "." on a line by itself aaaaaaaaaaaaaa . 250 OK id=1fCD5t-0003RC-AF So if I configure an email client to spoof the email it will work. What configs should I put in Cpanel to avoid this? Thanks in advance. Regards, Bruno Morais