HACK(`reject_bad_from') -- reject mail with a bad or missing "From:" header, unless there is a non-null envelope sender. It also rejects mail with bad "Message-ID:", but it does not require that there be a "Message-ID:". (pgp signature)
HACK(`require_rdns') -- reject mail from sites without valid reverse DNS. Access entries allow individual override. I don't recommend this. The amount of collateral damage is excessive. (pgp signature)
HACK(`sender_based_routing') -- route to your ISP SMART_HOST, where the SMART_HOST chosen depends on the envelope sender address. Note that this requires a patch to cf/m4/proto.m4 (included for 8.12.4, also tested on 8.12.8). I am currently using this (lightly) on my home system. It allows me, in effect, to select a different SMART_HOST depending on whether I send with the ISP provided email address, or with my university email address. (pgp signature)
Dealing with bad HELO/EHLO by blocking some messages.