let me re-activate this thread because of a statement in Till's first post:
But your users can specify whatever sender address they like, even fake ones. It's a weakness in the SMTP protocol.
True. It's a weakness in the protocol. Yet, I am sure there is a way to configure postfix so that it checks if the sender address matches i.e. with an entry in the virtual user map, PLUS checking if the address matches with the SASL login of the sending user.
However, so far I didn't manage to tweak my postfix to do what I want.
Are there any experts out there who are able to post a main.cf excerpt?
Thanks loads and regards,