Why don't ESF and Exim block this mail???

Hi Richard,

1) The blacklist_domains uses an nwildlsearch, so if you're trying to use a sub-string match, you'd need the * character, e.g.:

Code:

*.date
*.loan
*.website

assuming those are the extensions you're after.

2) As for the ESF score of 62, that would be 30 for the failed SPF, and 32 for the SpamAssassin report (3.2 x 10).
The lookup:

Code:

dig -x 192.162.24.180

does have a valid rDNS ... but the resulting hostname does *not* resolve, which is likely what SA is talking about. ESF does not do this extra check.

The Spamhaus not blocking, then blocking, could be either the IP not being listed yet, then being flagged 20 minutes later (seems to still be listed, when I manually checked, returns 127.0.0.3)
OR it might be the DNS servers being used, in case they're doing too many RBL queries, and the RBL servers end up blocking them.
We do recommend using 127.0.0.1 in the /etc/resolv.conf so that your own server does the DNS lookups, as it would have fewer total queries from your IP, vs any mass recursive servers, which would quickly get blocked.

3) The HELO, I don't believe ESF checks. That's probably doing a forward DNS check, where the rDNS must match the forward DNS IP from the result.
So the 0.9 you're trying to count 30 for ESF isn't there. Only the 1.0 SPF check is the 30.

---

Anyway, the spam looks like it wasn't spammy enough to get through.
You could bump up the forward lookup score a bit... but many servers will fail that, so I wouldn't go anywhere above 1.5-2.0 (from 0.9):
https://help.directadmin.com/item.php?id=531

But using the correct *.loan in the blacklist_domains would solve that, assuming you never want *.loan emails.

John
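
An added example, not part of John's post and not ESF or SpamAssassin code: a small forward-confirmed reverse DNS check that separates the case from point 2 (a PTR record exists but its hostname does not resolve) from a missing PTR and from a forward/reverse mismatch. The function names and the sample records (192.0.2.x, example.net) are constructed for illustration; the default resolvers use the system DNS, and the comparison assumes IPv4 addresses.

```python
import socket

def ptr_lookup(ip):
    """Return the PTR hostname for ip, or None when there is no rDNS."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:  # covers socket.herror and socket.gaierror
        return None

def forward_lookup(hostname):
    """Return the set of addresses hostname resolves to (empty if none)."""
    try:
        infos = socket.getaddrinfo(hostname, None)
    except OSError:
        return set()
    return {info[4][0] for info in infos}

def fcrdns_status(ip, ptr=ptr_lookup, forward=forward_lookup):
    """Classify ip as no_ptr, ptr_unresolvable, mismatch or confirmed."""
    hostname = ptr(ip)
    if not hostname:
        return "no_ptr"
    addresses = forward(hostname)
    if not addresses:
        # rDNS is present, but the name it points to has no forward record
        return "ptr_unresolvable"
    return "confirmed" if ip in addresses else "mismatch"

# Constructed sample zone data (documentation address range), not real hosts.
SAMPLE_PTR = {
    "192.0.2.10": "mail.example.net",
    "192.0.2.20": "ghost.example.net",   # PTR exists, hostname never resolves
    "192.0.2.30": "other.example.net",   # resolves, but to a different IP
}
SAMPLE_A = {
    "mail.example.net": {"192.0.2.10"},
    "other.example.net": {"192.0.2.99"},
}

def sample_status(ip):
    """Run the check against the constructed records instead of live DNS."""
    return fcrdns_status(ip, ptr=SAMPLE_PTR.get,
                         forward=lambda host: SAMPLE_A.get(host, set()))

if __name__ == "__main__":
    for addr in ("192.0.2.10", "192.0.2.20", "192.0.2.30", "192.0.2.40"):
        print(addr, sample_status(addr))
```

Calling `fcrdns_status("a.b.c.d")` with the default arguments performs the same two lookups against live DNS, which is the manual equivalent of `dig -x` followed by a forward `dig` on the returned name.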
