Hi !!
The HELO approach does nothing of use on B, there is no point impersonating
an address that is never seen but with accreditation it does provide a means
to address A.
that's why i think helo checks should not be part of spf, spf is
Sender Policy Framework, it takes care of the Sender. Helo checks
are great at detecting viruses but should be dealed separatelly.
Exactly why would you care about the method someone used to decide to accept
your email if it worked?
that's not the point with helo checks, virures usually make pathetical
attempts to provide a valid helo, usually a simple regex will catch many
of them but it's harder to make rules with no false positives that
detect forged helo's
HELO example.com
PASS - If it works then that's ok.
FAIL - Why would anyone fake this? Most likely a misconfiguration
where do you get this two states ? surely not from current spf records ...
--
Best regards ...
It's a fine line between fishing & standing still
----------------------------------------------------------------
David Saez Padros http://www.ols.es
On-Line Services 2000 S.L. e-mail david(_at_)ols(_dot_)es
Pintor Vayreda 1 telf +34 902 50 29 75
08184 Palau-Solita i Plegamans movil +34 670 35 27 53
----------------------------------------------------------------