Comment 3 for bug 2050834

Steinar Kaarø (mrstk) wrote :

The 3.4.13-0ubuntu1.3 update seems to be based on a backport of postfix-3.6.13.
On January 22 an updated fix was released as postfix-3.6.14. A patch for the unsupported postfix-3.4 version was also released:
http://ftp.porcupine.org/mirrors/postfix-release/index.html

According to a postfix announcement made on January 17 there are some issues with the initial fix for the smuggling:

To: Postfix announce <email address hidden>
Date: Wed, 17 Jan 2024 15:16:34 -0500 (EST)
Subject: [pfx-ann] SMTP smuggling update next week
From: Wietse Venema via Postfix-announce <email address hidden>

After the initial SMTP smuggling fix that was published four weeks
ago, the plan is to publish an improved version early next week.

- Better compatibility: Postfix can prevent SMTP smuggling without
  rejecting bare newline characters.

  This avoids a mail delivery problem with Microsoft Exchange
  servers. These violate RFC 3030 (BDAT) and RFC 2045 (MIME text)
  when they send BDAT payloads with bare newline characters in MIME text.
  https://datatracker.ietf.org/doc/html/rfc3030#section-3
  https://datatracker.ietf.org/doc/html/rfc2045#section-2.7
  https://datatracker.ietf.org/doc/html/rfc2045#section-2.8

- Better logging: when Postfix is configured to reject bare newline
  characters, log the queue ID, HELO, MAIL, and RCPT if available.

- Avoid false positives: some "smuggling" test tools send fake
  End-of-DATA sequences that real MTAs cannot send.
  https://www.postfix.org/false-smuggling-claims.html

A preview of the code is in the unstable releases postfix-20240112
and postfix-20240116 (these contain the same code, but differ in
documentation which remains work in progress).
https://www.postfix.org/download.html

    Wietse
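
A defender-side check for the condition the announcement above is about, as an added example that is not part of this comment and is not Postfix code: it scans a captured SMTP DATA payload for bare newlines and for a lone "." line delimited by anything other than <CR><LF> on both sides. The function names and the sample payloads are constructed for illustration.

```python
import re

# LF not preceded by CR: the "bare newline" the announcement refers to.
_BARE_LF = re.compile(rb"(?<!\r)\n")
# A line holding only "."; the trailing terminator is a lookahead so that
# back-to-back candidates are each examined.
_LONE_DOT = re.compile(rb"(\r\n|\n)\.(?=(\r\n|\n))")


def scan_payload(raw: bytes) -> dict:
    """Return offsets of bare LFs and every lone-dot line with its delimiters."""
    dots = []
    for m in _LONE_DOT.finditer(raw):
        before, after = m.group(1), m.group(2)
        dots.append({
            "offset": m.start(),
            "sequence": before + b"." + after,
            # Only <CR><LF>.<CR><LF> is the standard End-of-DATA sequence.
            "standard": before == b"\r\n" and after == b"\r\n",
        })
    return {
        "bare_lf_offsets": [m.start() for m in _BARE_LF.finditer(raw)],
        "lone_dots": dots,
    }


def classify(raw: bytes) -> str:
    """Separate harmless bare newlines from a non-standard End-of-DATA candidate."""
    result = scan_payload(raw)
    if any(not d["standard"] for d in result["lone_dots"]):
        return "nonstandard-end-of-data"
    if result["bare_lf_offsets"]:
        return "bare-newlines-only"
    return "clean"


# Constructed sample payloads (not captured traffic).
CLEAN = b"Subject: t\r\n\r\nhello\r\n.\r\n"
BARE = b"Subject: t\r\n\r\nhello\nworld\r\n.\r\n"       # bare LF inside the text
SUSPECT = b"Subject: t\r\n\r\nhello\n.\nmore\r\n.\r\n"  # lone dot between bare LFs

if __name__ == "__main__":
    for name, payload in (("CLEAN", CLEAN), ("BARE", BARE), ("SUSPECT", SUSPECT)):
        print(name, classify(payload), scan_payload(payload)["bare_lf_offsets"])
```

The "bare-newlines-only" class corresponds to the compatibility case in the announcement (bare newlines in text with no lone-dot line), which is why it is reported separately from a non-standard End-of-DATA candidate.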