The postfix documentation regarding reject_sender_login_mismatch:
http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch or maybe in here: http://www.postfix.org/SMTPD_ACCESS_README.html Specifically the reject_authenticated_* and reject_unauthenticated_* forms, would greatly benefit from this small snippet from the mailing list archives: http://archives.neohapsis.com/archives/postfix/2009-01/0523.html I was really not clear on how this worked until finding this. Although I'm still not sure why the reject_authenticated_* one is useful. Thank You to everyone contributing to postfix! I hope this small addition can make it into the docs... johnea ~~~~~~~~~~~~~~~~ snippet from mail archives ~~~~~~~~~~~~~~~~ to sum up: - if f...@example.com can only be used by user 'foo', then use reject_sender_login_mismatch - if f...@example.com must be authenticated (but you don't care who the user is), then use reject_unauthenticated_sender_login_mismatch - if f...@example.com can be used (without auth) OR (if auth'ed, the user must be 'foo'), then use reject_authenticated_sender_login_mismatch <advanced> you can implement this on a per sender basis using a check_sender_access with a map that returns one of the above depending on the sender. for example: smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access_sender_login == access_sender_login: j...@example.com reject_sender_login_mismatch j...@example.com reject_authenticated_sender_login_mismatch j...@example.com reject_unauthenticated_sender_login_mismatch f...@example.com DUNNO example.com reject_sender_login_mismatch </advanced>