Backscatter broke through the SPF milter

Email for our domains is received by Sendmail 8.17.1 with Acme SPF milter 2.001 (libspf2-1.2.10) quite properly — most spam is rejected immediately. Unfortunately, since 18 May, some new backscatter has emerged, which the SPF milter is unable to prevent:
Code:
spfmilter[TID]: SPF_request_query_mailfrom() failed
spfmilter[TID]: lib_do_check() failed on mail from '…@…' sent by [IP] - No errors
(where TID — Sendmail task ID, …@… — sender's email address, and IP — its IP address).

This backscatter is quite powerful: he sends relentlessly every 13-17 minutes to hundreds of recipients in the same second, every time from a different fake email address, and each time also from a different yet always real SMTP server somewhere in the world. My Sendmail rejects emails to non-existent addresses of our domains immediately, but disconnects only after one hundred failed submissions:
Code:
relay=[119.198.92.115], reject=550 5.1.1 <2frfp6gnlyuwb@on.lt>... User unknown
... (lots of similar submissions at the same second) ...
relay=[119.198.92.115], reject=550 5.1.1 <u99eymkowimstj@on.lt>... User unknown
lost input channel from [119.198.92.115] to IPv4 after rcpt

While we have very few users, I would like to reduce the limit of failed submissions from the same sender from 100 to 10 or even to 2 subsequent errors 550 5.1.1 User unknown, but I do not know where this limit is set.

Although in general the SPF milter should not accept failed relay domains, it should immediately disconnect from illegal senders. How does this backscatter manage to get through — could he exploit some possible flaw in SPF milter or in its library libspf2-1.2.10?
 
I have found the appropriate setting MaxRecipientsPerMessage=0 and changed this default value to 3 in both sendmail.cf and submit.cf — no effect after service sendmail restart, weird.
 
Backscatter typically has either a null sender address or legitimate SPF from the intermediate mail system being spammed, so it shouldn't normally fail SPF.

I don't use Sendmail, but "MaxRecipientsPerMessage" sounds like a way of rejecting emails with too many envelope recipients.
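
To see how many rejected recipients each connection gets through before it is dropped, as described in the first post, the quoted log fragments can be tallied per relay. This is an added example, not code from the thread; the sample log lines, the function names and the limit values are constructed for illustration, and it assumes one connection per relay IP at a time.

```python
import re
from collections import defaultdict

# Patterns follow the log fragments quoted in the first post. Real syslog
# lines carry a timestamp and queue ID in front, which search() skips over.
REJECT = re.compile(r"relay=\[(?P<ip>[^\]]+)\], reject=550 5\.1\.1 <[^>]*>\.\.\. User unknown")
CLOSED = re.compile(r"lost input channel from \[(?P<ip>[^\]]+)\]")


def bad_rcpt_sessions(lines, limit=10):
    """Return [(relay_ip, rejected)] for connections with more than `limit`
    'User unknown' rejections. Assumption: one connection per relay IP at a time."""
    pending = defaultdict(int)   # relay IP -> rejections on the open connection
    flagged = []
    for line in lines:
        m = REJECT.search(line)
        if m:
            pending[m["ip"]] += 1
            continue
        m = CLOSED.search(line)
        if m:
            count = pending.pop(m["ip"], 0)
            if count > limit:
                flagged.append((m["ip"], count))
    # Connections with no close line yet (log ends mid-session).
    flagged.extend((ip, n) for ip, n in pending.items() if n > limit)
    return flagged


def sample_log():
    """Constructed sample in the post's log format (documentation IP ranges)."""
    lines = ["relay=[198.51.100.7], reject=550 5.1.1 <jhon@example.org>... User unknown"]
    lines += [f"relay=[192.0.2.10], reject=550 5.1.1 <rnd{i}@example.org>... User unknown"
              for i in range(12)]
    lines.append("lost input channel from [192.0.2.10] to IPv4 after rcpt")
    lines.append("relay=[198.51.100.7], reject=550 5.1.1 <jon@example.org>... User unknown")
    return lines


if __name__ == "__main__":
    for ip, count in bad_rcpt_sessions(sample_log(), limit=10):
        print(f"{ip}: {count} unknown recipients in one connection")
```

Running it over a day of mail log with the limit set to the 2 or 10 the poster has in mind shows which relays a lower threshold would cut off and whether any legitimate sender with a mistyped address would be caught.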
 