I have a commercial product that does BATV encoding to detect false bounces, but it catches nothing.    That product only detects a bounce if the message includes a Return-Path header pointing to the recipient domain, and lacks the BATV pointer.    The attack messages do not have that header, and my product assumes that some legitimate messages may have a null sender without being a bounce.

Defenses against both null sender attacks and *.onmicrosoft attacks were discussed together on this topic from January:

I recommend configuring an Incoming Gateway to do your spam filtering, using a product that has more features than SmarterMail provides.   My installation uses Declude.  I embraced it because of the flexible rules engine that supports multiple-attribute rule, and the abillity to extend its features with callouts to external programs or scripts.  If you have a server avaiable to run the gateway software, MailsBestFriend can get you going pretty quickly on Declude (old product) or Declude Reboot (its replacement) at modest cost.    

Awhile back, I put together a review of the SmarterMail anti-spam features, because I found the documentation inadequate.   That write-up is here:

Hope this gives you some options.

Thanks Douglas, I do use declude (old version). So I'll have a look at that.