The-Login / SMTP-Smuggling-Tools

Tools for finding SMTP smuggling vulnerabilities.
MIT License

Tool is testing eod sequences which an attacker cannot produce #6

Closed damluk closed 9 months ago

damluk commented 9 months ago

From https://www.mail-archive.com/postfix-users@postfix.org/msg101084.html:

Tested eod_sequences like \r\n.\r cannot be provoked by an attacker, because an RFC conforming SMTP client will dot-stuff \r\n.<non-crlf> into \r\n..<non-crlf>, rendering the injected sequence useless for the attack.

The-Login commented 9 months ago

The general issue with SMTP smuggling is the violation of exactly these rules/RFCs. Exchange Online and GMX violated RFC 5322 since they let <LF>.<CR><LF> through unfiltered, even though the RFC states "CR and LF MUST only occur together as CRLF; they MUST NOT appear independently in the body." Therefore, it might still be possible that outbound servers letting <CR><LF>.whatever sequences through unfiltered exist.
However, it is unlikely that outbound SMTP servers let <CR><LF>.whatever through, based on the previous research. For now, I've removed <CR><LF>.whatever test cases to reduce false positives.