steven,
in addition to the suggestions above (which for the life of me, i can't understand why they work CS). anyway, additionally, you can examine the origin of the request inside the controller:
var origReq = HttpContext.Request.UrlReferrer;
or, examine the headers and determine your 'action' based on the contents:
var headers = HttpContext.Request.Headers;
[edit] - of course, 'headers' can be tampered with (depending on how determined someone was to x'post to your site), so you could probably only use these for informational purposes - it's not a 100% certainty...
you can then decide if this 'post' is allowed or not depending on whether it originated from your domain (or a domain that is approved) or not.
jim