Hi !!
The HELO domain should be checked if the return-path is empty.
In most cases the HELO domain is different to the return-path domain, so a
different SPF record is used.
in most cases real servers use a hostname in the helo as required
by rfc, the problem is that many viruses try to use a (forged) domain
name in the helo. All those viruses could be stopped by just a single
dns lookup, but the problem is that the spf record for the domain
holds the spf policy for the domain, not for the helo.
--
Best regards ...
----------------------------------------------------------------
David Saez Padros http://www.ols.es
On-Line Services 2000 S.L. e-mail david(_at_)ols(_dot_)es
Pintor Vayreda 1 telf +34 902 50 29 75
08184 Palau-Solita i Plegamans movil +34 670 35 27 53
----------------------------------------------------------------