Hi Icarus,
The results is meant to confirm that your policy enforcement is being applied to what is reported as threat. You are achieving your goal, ensuring that unauthorized emails sent spoofing your domains are not allowed. Additional action you may be interested in taking could be using the IP information from these messages and confirm what action is taken by your inbound messaging gateway in case those emails are targeting your users.
You can also click on the geolocation flag in the console to get an analysis from Cisco Talos if you are curious about the reputation of the IP on their system.
I hope this helps!
