There are many techniques to stop spoofing websites. One of the most straight forward is to create a default NameVirtualHost to capture and block all spoofs. Here’s a recipe I’m using:
ServerName stop.spam
DocumentRoot /var/www/stopspam
ErrorLog /dev/null
Deny from all