1.  go slower and slower if client is being rejected.  we just go slower
until they hang up rather than deal with reconnects.
2.  pass arguments to validatesender to enable spamhaus & spf checks.
3.  note that no sender is defined as postmaster@him and check that
address.
4.  require that helo be resolvable.
5.  qflag -- don't log helos that are bounced as Liars.

note:  the current code and this post have a problem dealing with
typically-configured laptops announcing themselves as "joeslappie".
perhaps if we require authentication or you're trusted, the rules
in hello() can be relaxed a bit.