>One thing it will not get past is where I check for forged HELOs that use >my IP as the HELO. But the above seems to be using my IP as the HELO and >still getting through.
Run the 4tuple filter so you can see the HELO logged by postfix rather than pick it up later in the Received headers. Len
