[oss-security] Postfix updated SMTP smuggling countermeasure
"If I'm reading this right, the initial implementation of Postfix smtpd_forbid_bare_newline disallowed bare LF not only at the end of
DATA, but also elsewhere in the SMTP session. This is now relaxed in
the recommended 'smtpd_forbid_bare_newline = normalize' mode to apply
only to the end of DATA, while allowing bare LFs elsewhere. This is
sufficient to prevent the attack while having better compatibility with
existing SMTP clients."
https://www.openwall.com/lists/oss-security/2024/01/22/1