I've not heard of sender IP's being spoofed, however if you see instances of those you can certainly open a TAC case to get a feature request to tackle specifically that.
You can certainly create filters to look at the email headers for the originating IP and take actions.
You would not be able to compare values for headers, you can certainly review and log header values for review.
Regards,
Libin Varghese