We are facing an issue of outgoing mail spoofing:
Genuine outgoing mail domain: @mycompany.com
Spoofed outgoing mail domain: @Microsoft.com
We want to block those spoofed mails on SMG, i.e. mails going outside with a domain other than @mycompany.com.
Thanks in advance.
If either the recipient or sender domain is not part of your environment, the SMG should not relay it. That is the definition of an open relay. Please refer to the below best practice article for configuration pointers and testing for open relay:
Assuming the mail is not actually being routed via your SMG, but rather is just being sent out directly, I'd personally start with amending your FW rules and go from there to be honest. What I mean is:
I'd also recommend checking out the logs on your FW to determine if anything other than your mail server is connecting out on port 25, and to find out why they are doing so (i.e. is it infected, is it a legitimate mailer process that has been hijacked to spoof mail, etc).
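The firewall log check suggested in the reply above, as an added example that is not part of the original thread: it flags internal hosts other than the approved mail relay that attempt outbound TCP/25. The key=value log layout, the sample lines and the relay address `10.0.0.25` are constructed assumptions; adapt the parser to your firewall's actual export format.

```python
import re
from collections import Counter

# Assumption: the only hosts allowed to open outbound SMTP sessions.
ALLOWED_SMTP_SOURCES = {"10.0.0.25"}  # hypothetical SMG / mail server address

# Constructed sample lines in a generic key=value firewall log layout.
SAMPLE_LOG = """\
2024-05-01T09:00:01 action=allow proto=tcp src=10.0.0.25 sport=40112 dst=203.0.113.10 dport=25
2024-05-01T09:00:07 action=allow proto=tcp src=10.0.3.44 sport=51234 dst=198.51.100.7 dport=25
2024-05-01T09:00:09 action=allow proto=tcp src=10.0.3.44 sport=51240 dst=198.51.100.9 dport=25
2024-05-01T09:00:12 action=allow proto=tcp src=10.0.5.12 sport=49822 dst=192.0.2.80 dport=443
2024-05-01T09:00:15 action=deny proto=tcp src=10.0.7.8 sport=50001 dst=203.0.113.10 dport=25
2024-05-01T09:00:16 malformed line without fields
"""

FIELD = re.compile(r"(\w+)=(\S+)")


def parse_line(line):
    """Return the key=value fields of one log line as a dict (empty if none)."""
    return dict(FIELD.findall(line))


def unauthorized_smtp(log_text, allowed=ALLOWED_SMTP_SOURCES):
    """Count outbound TCP/25 attempts per source that is not an approved relay.

    Returns {src_ip: {"allow": n, "deny": m}} so that sessions that got out
    (allow) can be told apart from ones the firewall already stopped (deny).
    """
    hits = {}
    for line in log_text.splitlines():
        f = parse_line(line)
        # Only outbound SMTP is of interest; malformed lines have no fields.
        if f.get("proto") != "tcp" or f.get("dport") != "25":
            continue
        src = f.get("src")
        if src is None or src in allowed:
            continue
        hits.setdefault(src, Counter())[f.get("action", "unknown")] += 1
    return {src: dict(c) for src, c in hits.items()}


if __name__ == "__main__":
    for src, counts in sorted(unauthorized_smtp(SAMPLE_LOG).items()):
        print(f"{src}: {counts}")
```

Sources with `allow` counts are the ones to investigate first, since their mail left the network without passing through the relay.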