Matt, (pause while I put on my iron codpiece) this sounds like a good
place for an IMail implementation to use SPF records as self-defense.
It sounds like what you're looking for is a two-fer that maps valid
client space with valid domain names to detect spoofing, and HELOBOGUS
will only do part
Andrew,
I think that you misunderstood.
If you have a local domain of example.com and an E-mail comes in with
a Mail From of [EMAIL PROTECTED] with a HELO of
asdfdfasdfsafdsafd.asddsfadfas.asddfs, then HELOBOGUS will not trigger
even though this is a bogus HELO. This isn't a bug, this was by