
I use telnet ip.add.re.ss 25 pretty much daily as you describe (but EHLO these days). Sometimes you come across systems that don't have "swaks" or "exim -bhc" to hand.

A couple of days ago I used it to quickly prove to myself that SPF really is bloody useless against spam. Set "MAIL FROM:" to nothing, which implies that the mail server itself is transmitting and is perfectly valid: that is how bounce messages are sent. What will happen is that the receiving SMTP daemon will not have an email address to test for SPF (it will only test the envelope from, which is what comes after the MAIL FROM: command). With no email address to test, it tests the mail server itself, and the spammer has set up SPF for their own email server's domain and hence passes the test. They will set the From: header to whatever they like in the DATA phase and that is what your MUA (Outlook probably, sigh) will display. So the end result is your end user gets an email that appears to come from someone they know and it will pass SPF tests. DKIM and DMARC/ARC will help mitigate (DMARC adds a bit of excitement to mailing lists), as will a proper spam scanner like rspamd or SpamAssassin or some decent ACLs in Exim et al., but SPF on its own is absolutely rubbish.
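Added example, not part of the comment above: a receiver-side check that works out which domain SPF actually evaluated (the HELO name when the reverse-path is null, per RFC 7208 section 2.4) and flags a pass that does not align with the From: header the MUA shows. The function names, the sample message and the two-label organizational-domain shortcut are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr


def spf_identity(mail_from: str, helo: str) -> str:
    """Domain SPF evaluates: the MAIL FROM domain, or the HELO/EHLO name
    when the reverse-path is null (MAIL FROM:<>), per RFC 7208 section 2.4."""
    addr = mail_from.strip().strip("<>")
    return (addr.rsplit("@", 1)[1] if "@" in addr else helo).lower().rstrip(".")


def org_domain(domain: str) -> str:
    # Simplification (assumption): last two labels. Real DMARC code must
    # consult the Public Suffix List (e.g. for example.co.uk).
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def assess(mail_from: str, helo: str, raw_message: str, spf_result: str) -> dict:
    """Compare the SPF-checked domain with the domain the MUA displays."""
    msg = message_from_string(raw_message)
    _, from_addr = parseaddr(msg.get("From", ""))
    header_domain = from_addr.rsplit("@", 1)[-1].lower() if "@" in from_addr else ""
    checked = spf_identity(mail_from, helo)
    aligned = bool(header_domain) and org_domain(checked) == org_domain(header_domain)
    return {
        "spf_checked_domain": checked,
        "header_from_domain": header_domain,
        "null_sender": mail_from.strip().strip("<>") == "",
        "aligned": aligned,
        # An SPF pass on an unrelated domain says nothing about the From: header
        "suspicious": spf_result == "pass" and not aligned,
    }


# Constructed sample message: From: header in one domain, delivered by another
SAMPLE = "From: Alice <alice@example.org>\r\nTo: bob@example.net\r\nSubject: hi\r\n\r\nbody\r\n"

if __name__ == "__main__":
    print(assess("<>", "mail.sender.example", SAMPLE, "pass"))
    print(assess("<alice@example.org>", "mx.example.org", SAMPLE, "pass"))
```

The alignment comparison is the part DMARC adds on top of SPF; SPF alone stops at `spf_checked_domain`.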


