After some testing, I see the Referrer Filter is doing a good job blocking POST requests outside of the current environment using the default configuration ("Allow Hosts" is blank). And the documentation states "By default, all variations of localhost and the current host names the server is bound to are in the white list."
But how is it even "aware" of "the current host names the server is bound to"? Our site URLs are VIPs that point to the dispatchers, so I don't know how that gets passed down to the publish instances.