TCB13

Postfix: Avoid users impersonating each other at same domain

Jan 25th, 2016
This pastebin is an answer to this question: http://unix.stackexchange.com/questions/257430/postfix-users-impersonating-other-users-at-same-domain.
------------------

The solution for this problem is to:

1. Add `reject_sender_login_mismatch` to the end of the `smtpd_sender_restrictions` section;
2. In this case, add `smtpd_sender_login_maps = mysql:/etc/postfix/mysql-virtual_sender-login-maps.cf`. This is the map Postfix uses to make sure the sender's login email and the `from` field match. In this case it's done in MySQL because `virtual_mailbox_domains` and `virtual_alias_maps` are based on MySQL maps too.
3. Create `/etc/postfix/mysql-virtual_sender-login-maps.cf` with the following content:
```````
# Database account Postfix uses for the lookup
user = emailserveruser
password = sdfjn1234ns
hosts = 127.0.0.1
dbname = mailstack
# %s is the sender address; the result is the login that owns it
query = SELECT * FROM (SELECT email FROM `virtual_users` WHERE email = '%s' UNION SELECT destination FROM `virtual_alias` WHERE source = '%s' ) a LIMIT 1
```````

Note that Postfix will give you the `From` email (the envelope sender from `MAIL FROM`) as `%s`, and it expects the query to return an address that matches the one used for SMTP authentication. In this case we first query the `virtual_users` table and, if nothing is returned from there (meaning there's no real user with that email), we query `virtual_alias` in order to get the `destination` address (a real user mailbox) that matches a potential email alias (our `source` column).
If there's no match, the query returns nothing, which means that: 1) there's no such user with that email; 2) there's no such alias to any user with that email. Postfix then gives the mail client a `Sender address rejected: not owned by user` error.
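
The lookup and the resulting accept/reject decision can be checked offline. The following is an added example, not part of the original paste: it runs the paste's query against an in-memory SQLite stand-in for the `mailstack` database. The table rows, the addresses, and the `check_sender` model of `reject_sender_login_mismatch` are constructed for illustration, and it assumes SASL login names are full email addresses.

```python
import sqlite3

# The lookup query from the map file above; '%s' becomes a bound parameter here.
QUERY = ("SELECT * FROM (SELECT email FROM `virtual_users` WHERE email = ? "
         "UNION SELECT destination FROM `virtual_alias` WHERE source = ?) a LIMIT 1")

def build_db():
    """In-memory stand-in for the mailstack database, with constructed rows."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE virtual_users (email TEXT PRIMARY KEY);
        CREATE TABLE virtual_alias (source TEXT, destination TEXT);
        INSERT INTO virtual_users VALUES ('alice@example.com'), ('bob@example.com'),
                                         ('carol@example.com');
        INSERT INTO virtual_alias VALUES ('sales@example.com', 'bob@example.com'),
                                         ('team@example.com', 'alice@example.com'),
                                         ('team@example.com', 'carol@example.com');
    """)
    return db

def owners(db, mail_from):
    """Owners the map reports for an envelope sender (at most one, due to LIMIT 1)."""
    return [row[0] for row in db.execute(QUERY, (mail_from, mail_from))]

def check_sender(db, mail_from, sasl_login=None):
    """Model of the reject_sender_login_mismatch decision for one MAIL FROM."""
    owned_by = owners(db, mail_from)
    if sasl_login is None:
        # Unauthenticated client: rejected only if the address has an owner.
        return "REJECT: not logged in" if owned_by else "OK"
    if sasl_login in owned_by:
        return "OK"
    return "REJECT: not owned by user " + sasl_login

if __name__ == "__main__":
    db = build_db()
    for sender, login in [("alice@example.com", "alice@example.com"),
                          ("alice@example.com", "bob@example.com"),
                          ("sales@example.com", "bob@example.com"),
                          ("ghost@example.com", "bob@example.com"),
                          ("alice@example.com", None)]:
        print(f"MAIL FROM {sender!r:22} login {login!r:22} -> {check_sender(db, sender, login)}")
```

Because of `LIMIT 1`, an alias with several destinations (`team@example.com` in the sample rows) yields a single owner, so only one of its members passes the check. On a live server, `postmap -q` against the map file shows what Postfix actually receives for a given address.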