Isso funciona com o Postfix 2.1+ Se não, reject_sender_login_mismatch
smtpd_sender_restrictions = reject_sender_login_mismatch
De acordo com o postfix documentação reject_authenticated_sender_login_mismatch aplica reject_sender_login_mismatch
reject_sender_login_mismatch: Reject the request when $smtpd_sender_login_maps specifies an owner for the MAIL FROM address, but the client is not (SASL) logged in as that MAIL FROM address owner; or when the client is (SASL) logged in, but the client login name doesn't own the MAIL FROM address according to $smtpd_sender_login_maps.