Check authenticated user/identity before sending

I managed to have a working implementation, but it is just for fun :slight_smile:
Creating a simple panel to configure this behavior would be complex.

Before proceeding, you need to understand how it works, otherwise some users will not be able to send any mail. Take a look at: https://blog.felipe-alfaro.com/2006/02/19/block-sender-address-spoofing-with-smpt-auth/
So, let’s start.

Configuration

1. Create a template-custom

Execute:

mkdir -p /etc/e-smith/templates-custom/etc/postfix/master.cf

Content of /etc/e-smith/templates-custom/etc/postfix/master.cf/40restrictions:

{
    push @submission_smtpd_options, 'smtpd_sender_restrictions=reject_authenticated_sender_login_mismatch';
    push @submission_smtpd_options, 'smtpd_sender_login_maps=hash:/etc/postfix/smtpd_sender_login_maps';

    '';
}

2. Create a map between users and allowed addresses

Content of /etc/postfix/smtpd_sender_login_maps:

u1@local.neth.eu u1
@local.neth.eu u2

3. Apply the configuration

Execute:

postmap /etc/postfix/smtpd_sender_login_maps

signal-event nethserver-mail-server-update

Testing

You can test it with curl.

This should be allowed:

curl -k -n --ssl-reqd --url "smtps://localhost:465" --mail-from u2@local.neth.eu --mail-rcpt u2@local.neth.eu --upload-file /dev/null -u u2:Nethesis,1234 -v

This should be denied:

curl -k -n --ssl-reqd --url "smtps://localhost:465" --mail-from u2@local.neth.eu --mail-rcpt u2@local.neth.eu --upload-file /dev/null -u u1:Nethesis,1234 -v
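Added example, not part of the original post: a small Python model of how Postfix resolves `smtpd_sender_login_maps` for an authenticated client under `reject_authenticated_sender_login_mismatch`, run against the two-line map from step 2. The function names and the `local_domains` parameter are hypothetical; the lookup order (full address, bare user for local domains, then `@domain`) follows the Postfix documentation for indexed tables.

```python
# Added illustration (not Postfix code): which SASL login may use which MAIL FROM.
# MAP_TEXT is the map from step 2 of the post.
MAP_TEXT = """\
u1@local.neth.eu u1
@local.neth.eu u2
"""

def parse_login_map(text):
    """Parse 'key owner[,owner...]' lines into {key: set(owners)}."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, owners = line.split(None, 1)
        table[key.lower()] = set(owners.replace(",", " ").split())
    return table

def owners_of(table, sender, local_domains=()):
    """Return the owners of a MAIL FROM address, or None if it is unmapped.

    Search order: user@domain, bare user (local domains only), @domain.
    The first key found wins; later keys are not consulted.
    """
    sender = sender.lower()
    user, _, domain = sender.rpartition("@")
    keys = [sender]
    if domain in local_domains:
        keys.append(user)
    keys.append("@" + domain)
    for key in keys:
        if key in table:
            return table[key]
    return None

def is_allowed(table, sasl_login, sender, local_domains=()):
    """An authenticated client is accepted only if it owns the sender address."""
    owners = owners_of(table, sender, local_domains)
    return owners is not None and sasl_login in owners

if __name__ == "__main__":
    table = parse_login_map(MAP_TEXT)
    for login, sender in [("u2", "u2@local.neth.eu"), ("u1", "u2@local.neth.eu"),
                          ("u2", "u1@local.neth.eu"), ("u2", "x@example.org")]:
        verdict = "allowed" if is_allowed(table, login, sender) else "denied"
        print(f"{login} as {sender}: {verdict}")
```

Two consequences are worth checking before rollout: the exact entry for `u1@local.neth.eu` takes precedence over the `@local.neth.eu` entry, so `u2` cannot send as `u1`, and any sender address with no matching entry is rejected for every authenticated user.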