I would suggest *@mycompany,com in the FROM Black list as I am not sure if SF wil see the actual domain it comes from or the from addresses.  I seem to have better luck with this BUT the from is being forged so this may not work either.

Please note that SpamFilter acts upon the "real" email address specified in the email. This is often referred to as the "Envelope" address, or the "Return-Path" address. It is the email address that is provided by the sender's server in the "MAIL FROM" SMTP command. SpamFilter logs this address in the following header:
X-SF-RX-Return-Path: <HYPERLINK "mailto:someone@test.com"someone@test.com>
 
Also note that the "From:" address displayed in most email clients can be different than the above address. This latter address is specified in the "From:" header in an email, and is only used by email clients to display any email address the sender wants.

That said, rather than a blanket "blacklisting" of your own domain, you may want to implement SPF (Sender Policy Framework - www.openspf.org) for your domain. This will allow you more flexibility as it lets you specify via DNS which IPs are authorized to send emails on your behalf. This will still allow you to receive emails sent from your own domain, but will let you specify which hosts are allowed to do so.

Stupid wrote: I do have SPF implemented. Why doesn't SFI look at the From address? It would be such a nice feature I think. I get at least two questions a week about why someone would send themselves spam.

Does your SPF record in your DNS look something like below?  If it does not, then maybe that could be part of the problem.

TXT  

v=spf1 a mx a:node1.ns1.example.com a:node2.ns1.example.com a:node3.ns1.example.com a:node4.ns1.example.com mx:mail.example.com ip4:192.168.0.0/32 include:yourisp.net ~all

If you are on a dynamic IP that changes because of your ISP, then having the include:yourisp.net ~all  is needed to find your authorized ISP's IP that your currently using on y our network.

Michael