Why does your mail server let other people claim to be it? That's just asking
for abuse. I don't have exact stats, but every time I look in my logs, I see
hundreds of lines of rejects where remote nodes have said HELO with my IP
address. HELO is meant to identify the remote end, not me.
Bah, doesn't matter.. SA ignores the HELO part of the Received: headers in current versions of SA.. The poster's problem is entirely due to lack of update (the poster is using SA 2.53).
Of course, one could argue that SA problems aside it would be beneficial to block anyone trying to HELO as your own IP or hostname since they are obviously spammers or broken, but that's not really the root cause of his problems.
2.53 is vulnerable to a wide variety of forgery tricks that fool whitelist_from_rcvd, even the default ones like ebay are forgeable to it under the right circumstances.
