The only way I could see to block this attack based on the common EHLO response is for us to add a new feature such as an EHLO filter that would terminate and block the IP if certain conditions were met during the SMTP session.
I'll write this up and get it over to the developers as a feature request to be considered for a future release.
In the mean time, the only other option is to allow the abuse detection rule to block a single IP address at a time. You can also investigate the IP's that have already been blocked and see if they are all belonging to an assigned block of IP addresses on the same network, if it is, you can block the entire range. Typically with wide-spread attacks such as these, they can apply to an entire /24 range of IP's.
EDIT: It looks like this has changed in a SmarterMail update previosuly. You can block based on the EHLO domain.
This can be configured under Security -> Advanced Settings -> SMTP Blocking. You can create a new rule and set the Block Type to EHLO Domain and Blocked Address to ylmf-pc This should then take care of the issue.
Technical Support Supervisor