Hi,
You should definitly think about the deployment.
Its a major option in any mail sec solution to validate the connection ip, existing rdns, helo fqdn, registered envelope from domain, etc.
Eg we block 80-99% of all incomming connection - to give you an idea for one day thats only 100k connections accepted out of 700k
The less you accept the less you have to analyze in debth.
- Also would there be any other setting on the SMG so that it can check the email headers for the IP addresses without us having to do any major change on the infrastructure side?
You could use content rules to check some header infos, BUT
1. you have already accepted the mail - its stored on your side
2. standard features like global bad senders, conneciton classification, etc cant be used out of the box
Regards
Thomas