We don't use services like Bounce Address Tag Validation (BATV) address validation, as with our security checks it's unnecessary and difficult to configure in combination with greylisting. Instead our security checks use a combination of reputation, RFC conformity, and content-based checks. We don't write custom spam rules, but our spam engines do have rules looking at message content from null addresses. For example, we look for anomalies with the character set. They often get blacklisted, so fail reputation checks.
If a company receives backscatter spam, it's an individual or a handful of users that are targeted. In this scenario we'd apply a content examination check using a regular expression to stop the messages.
Additionally, we support the use of SPF, which resolves backscatter if you reject SPF failures. See https://blogs.msdn.microsoft.com/tzink/2008/07/14/the-problem-of-backscatter-part-10-use-spf/ for further details.