mailserver2 / mailserver

Simple and full-featured mail server using Docker
https://store.docker.com/community/images/mailserver2/mailserver
MIT License

Upgrade to postfix 3.5.23 or 3.7.9 #60

Closed DrMurx closed 10 months ago

DrMurx commented 10 months ago

Postfix versions before 3.5.23 and 3.7.9 are affected by "SMTP Smuggling", see https://www.postfix.org/smtp-smuggling.html

@SaraSmiseth Would you mind releasing a build with an upgraded debian-mail-overlay?

SaraSmiseth commented 10 months ago

After merging #58 we can release a new image. But we have to fix the tests first.

AndrewSav commented 10 months ago

We are pulling postfix from the debian repo; the current version there is 3.7.9, so we should be good after merging https://github.com/mailserver2/mailserver/pull/58

diroots commented 10 months ago

https://github.com/mailserver2/mailserver/actions/runs/7457756574/job/20290497408?pr=58#step:3:166 postfix 3.7.9 from bookworm-updates repo

diroots commented 10 months ago

@SaraSmiseth @AndrewSav the postfix page says that there are new settings to be defined to actually mitigate SMTP smuggling: https://www.postfix.org/smtp-smuggling.html#long

    smtpd_forbid_bare_newline = yes
    smtpd_forbid_bare_newline_exclusions = $mynetworks

so I think an update to https://github.com/mailserver2/mailserver/blob/master/rootfs/etc/postfix/main.cf is needed in order to add these params and effectively enable this feature.

Or maybe advise enabling this feature by overriding the postfix config: https://github.com/mailserver2/mailserver#override-postfix-configuration

(tbh, idk what is best, to enable it by default or not)

diroots commented 10 months ago

    (STG) root@mailXX:/path/to/stack docker-compose exec mailserver postconf | grep forbid_bare
    smtpd_forbid_bare_newline = no
    smtpd_forbid_bare_newline_exclusions = $mynetworks

By default the exclusions are here, but the feature is set to 'no'.
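An added example, not code from the mailserver2 project: it checks a `postconf` dump for the setting discussed in this thread and prints the values the Postfix advisory recommends. The Compose service name `mailserver` and the `docker-compose exec` invocation are taken from the command above; the sample dump is constructed.

```shell
#!/bin/sh
# Added example (not part of mailserver2): detect whether Postfix is still
# accepting bare newlines, and emit the settings that turn the mitigation on.

# Constructed sample, copied from the `postconf | grep forbid_bare` output above.
SAMPLE_POSTCONF='smtpd_forbid_bare_newline = no
smtpd_forbid_bare_newline_exclusions = $mynetworks'

# Reads postconf-style "name = value" lines on stdin. Prints "enabled" and
# returns 0 only when smtpd_forbid_bare_newline is "yes"; otherwise prints
# "disabled" and returns 1. A missing parameter (Postfix too old to know it)
# is treated as disabled, which is the safe interpretation.
bare_newline_status() {
    value=$(sed -n 's/^smtpd_forbid_bare_newline[[:space:]]*=[[:space:]]*//p' | tr -d '[:space:]')
    if [ "$value" = "yes" ]; then
        echo enabled
        return 0
    fi
    echo disabled
    return 1
}

# The two main.cf lines from the Postfix SMTP-smuggling page; the exclusion
# keeps trusted senders in $mynetworks from being rejected.
mitigation_settings() {
    printf '%s\n' \
        'smtpd_forbid_bare_newline = yes' \
        'smtpd_forbid_bare_newline_exclusions = $mynetworks'
}

# Queries the running container (service name as in the thread) and, if the
# mitigation is off, applies the settings with `postconf -e` and reloads.
# Assumption: the container image ships a Postfix that knows the parameter.
enable_in_container() {
    if docker-compose exec -T mailserver postconf smtpd_forbid_bare_newline | bare_newline_status; then
        return 0
    fi
    docker-compose exec -T mailserver postconf -e \
        'smtpd_forbid_bare_newline = yes' \
        'smtpd_forbid_bare_newline_exclusions = $mynetworks'
    docker-compose exec -T mailserver postfix reload
}

# Offline demo on the constructed dump: reports "disabled" and shows the fix.
if ! printf '%s\n' "$SAMPLE_POSTCONF" | bare_newline_status; then
    echo 'add to main.cf (or apply with postconf -e):'
    mitigation_settings
fi
```

Calling `enable_in_container` against a live stack changes the running configuration, so run it only after the image has been upgraded to a Postfix that supports the parameter.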

AndrewSav commented 10 months ago

Oh good catch! I missed that!

DrMurx commented 10 months ago

Thanks for your great work, @SaraSmiseth, @AndrewSav & @diroots