Spamassassin has lots of tests for fake HELOs. If someone says "HELO hotmail.com", but aren't connecting from a Hotmail IP address, they get dinged (spam score is increased).
Recently, someone connected our server, call it mx.xyz.com, and said "HELO mx.xyz.com". Spamassassin didn't ding it for doing this. Is there a ruleset that does this? I realize xyz.com couldn't be hardcoded (otherwise, it'd be a different ruleset for everyone), but is there a generic ruleset that uses a function call or something to figure out your MX server (or the name of the machine spamassassin is running on) and then ding someone HELO'ing as that? -- We're just a Bunch Of Regular Guys, a collective group that's trying to understand and assimilate technology. We feel that resistance to new ideas and technology is unwise and ultimately futile.
