I am actually just now running some tests to see whether a incorrect HELO/EHLO command should be reason to reject mails. The SMTP standard requires the EHLO/HELO command to be following by a FQDN which for many spammers is not the case. I can unfortunately also see that some legitimate mails are sent with incorrect FQDN.
I am not sure that this will help much - the EHLO/EHLO command does not always reflect the sending domain, especially if the server hosts many domains.