Apologies for the late nature of this.
I'm somewhat concerned that the optional HELO checking is being
removed from the spec (it was in draft-mengwong-spg-01)
As far as I can see SpamAssassin 3.0 implements this part of the
existing spec, and I suspect is likely to become one of the most
widely deployed SPF checkers, at least in the short term.
I do have reservations about the HELO check (but then I have
reservations about the more limited HELO check for the <> address,
too). But I think I have bigger reservations about modifying the spec
at this stage to render a widely deployed SPF checker non-compliant.
It also means that people publishing SPF records will be unaware that
they will be used in this way by a widely deployed checker.
If the community really wishes to make this change, then can I suggest
that at a minimum this practice be documented in an informative annex?
-roy