There are a number of ways to implement an Anti-Spam scheme with Sendmail.  I will detail my favorite method, which
is very flexible, easy to administer, easy to install, easy to understand.

How this works

This method checks /etc/mxlist and /etc/spamlist against the indicated domain name given by the MUA.
These rules do not actually check the sender's machine name, it only cares about what is specified in the MAIL FROM negotiation.  Unless the host is listed under /etc/mxlist, mail must either:

       Originate locally, terminate remotely
       Originate locally, terminate locally
       Originate remotely, terminate locally

If the host is listed in /etc/mxlist, no restrictions are imposed.  Note that a failed match will not generate an immediate error.  Instead, it will appear as though the mail has been accepted and delivered.  However, the mail will later be bounced back to the sender, or if the sender is invalid, dumped to postmaster.  I plan to work on the rules a bit to make it an immediate failure, to accommodate servers with already high volumes.  If no host name is specified in the MAIL FROM, the local domain is assumed.

For example, host.com is allowed to relay through the mail hub:
MAIL FROM: user@host.com
250 user@host.com...  Sender ok
RCPT TO: user@otherhost.com
250 user@otherhost.com... Recipient ok

The file /etc/spamlist contains specific hosts which need the special message.  Personally, I have not used it.

        1.  If you need to upgrade, do so: ftp://ftp.sendmail.org/pub/sendmail.8.8.8.tar.gz
             Note that if you have Sendmail 8.8.7, it is strongly advised to upgrade.  A bug
             exists in version 8.8.7 when used with these rules, deferred delivery mode, etc.

        2.  The M4 utility.  This is fairly standard on most UNIX systems, and is required to
             to generate a useable sendmail.cf file.  In fact, this must be present to do anything
             at all with this.  ftp://gatekeeper.dec.com:/pub/GNU/m4-1.4.tar.gz
 
        3.  The drop-in rules to implement the Relay Method:
 
                    LOCAL_CONFIG

F{SpamList} /etc/spamlist
F{MyMxs} /etc/mxlist
LOCAL_RULESETS
Scheck_compat
R<$+> $| $+                                       $1 $| $2
R$+ $| <$+>                                       $1 $| $2
R$+ ! $+ ! $+ $| $+                             $3@$2 $| $4
R$* @ $* $={SpamList} $| $*            $# error $: 552 SpamFilter: email from junkmailer's domains not accepted.
R$* @ $* $={MyMxs} $| $*               $@ valid from
R$* $| $* @ $* $={MyMxs}               $@ valid to
R$- $| $*                                              $@ unqual local from
R$* $| $-                                              $@ unqual local to
R$* $| $*                                              $# error $: 553 ForwardFilter: We don't forward email from $1 to $2.

            4.  Create the CF file, with M4, and your newly-created MC file:
                % m4 file.mc > file.cf

            5.  Create /etc/mxlist, and /etc/spamlist.  These files are normal text files, one host per line:
                % touch /etc/mxlist /etc/spamlist

            6.  Add the required entries to /etc/mxlist.  Some of the required hosts that must be there are:
                localhost
                machine's name
                machine's FQDN

            7.  Add any other hosts that are allowed to relay through your host.

            8.  Install the new CF file.
 

Caveats

• Be sure your new CF file contains the same definition for your local mailer, or that the new definition is correct.  For example:
          ##################################################
###   Local and Program Mailer specification   ###
##################################################

#####  @(#)local.m4     8.23 (Berkeley) 5/31/96  #####

Mlocal,         P=/usr/bin/procmail, F=lsDFMAw5:/|@qSPfhn9, S=10/30, R=20/40,
                T=DNS/RFC822/X-Unix,
                A=procmail -Y -a $h -d $u
Mprog,          P=/bin/sh, F=lsDFMoqeu9, S=10/30, R=20/40, D=$z:/,
                T=X-Unix,
                A=sh -c $u

• Any .forward files that contain remote host names must be listed under /etc/mxlist for this to work properly for them.  An example script that does not take into account multiple hosts in the .forward file:
 
          #!/bin/sh
# Script to traverse user directories and get the info out of the .forward
# file, put it into one file, make life easy.

for i in `ls -CF1`
do
        if [ -f $i.forward ] ; then
        cat $i.forward | cut -f2 -d @ >> ~/forwards
        fi
done
 

• Make certain that the local host name is in /etc/mxlist, otherwise 90% of your mail will fail.  If the machine you are settting up is a mailhub for a workgroup of NULLCLIENTs, and those machines do not masquerade as one host, each host will need an entry.
Tips
A quick way to add proper hosts to /etc/mxlist is to use sendmail.cw as a starting point.  This file contains
a list of the domains you accept mail for, so they should be allowed to relay through.

/etc/mxlist is a simple text file, one host per line

Save your old sendmail.cf in case this makes everything break- in a large ISP-type environment, everything will break until you have all client domains listed.
 

Summary
This will effectivly prevent spammers from relaying through your domain.  This will not prevent an unscrupulous user from claiming to be originating from your domain: spammer@your.domain.com.  That is another issue entirely.  There are many other methods which serve different purposes, such as blocking unique hosts and allowing all others, rather than this method of blocking all hosts, allowing listed hosts.  I personally feel this is the better solution as no mail server should be used for a relay unless you are aware of that, and allow that.

Happy Anti-Spamming!