Why move the EOM (".\r\n") test? Unless I'm reading this wrong, moving it makes no difference.

Indeed it should not make a difference, but I thought it's easier to read and understand this way: First do checks that apply to every line, then do checks for more specific conditions (EOM), then do the actual processing.

Thanks for poking at this, @bseibold! I think the last time this bit of code had a meaningful change might have been in 2002 in e2cc2f7 (or maybe 11 years ago in ce18cf7). :-D

Some tests for this change would be valuable, I think.

Sure, tests are always a good idea, especially since this is the first line of Perl I have written in more than 15 years (and before that it was mostly code golf). But frankly I don't want to spend the effort to re-learn Perl just for these tests. Sorry.

I did however deploy the change to my (extremely low-volume) server, and so far I didn't find anything in the logs that would suggest that it doesn't work. A few test mails did also pass.

Indeed it should not make a difference, but I thought it's easier to read and understand this way:

If you had not made that change, I would likely have already merged this PR. Previously, the checks were extremely cheap, now the EOM and every line in the message is hitting the regex engine. So the processing cost is raised somewhat. But I also think this is a good time to make this change. CPU is very cheap and every other MTA is also tightening their bare LF handling because of SMTP smuggling.