Postfix has a "check_sender_access" feature which can accomplish this. From the postfix.org documentation site:
Search the specified access(5) database for the MAIL FROM address, domain, parent domains, or localpart@, and execute the corresponding action
To implement this create a file for your reject list and add a line with the sender's email (from their header), with the word REJECT following it. Be sure to run postmap against this file to create the hash. Then add check_sender_access hash:/your_file to the smtpd_recipient_restrictions and restart postfix.
is a link to some detailed instructions.
You may also see recommendations for performing this action with spamassassin. This can work as you can create a custom black list which will add 100 points to mail from that recipient, causing spamassassin to flag it. The postfix solution is more direct as it will return an error code at the SMTP level. Undoubtedly you want to avoid 'bouncing' the mail which would undoubtedly be futile, but they may get the message (no pun intended) if your smtp returns a hard error code.
One thing I recall that postfix does by default and you may want to look into this is that it will let them complete a decent portion of the mail transaction and then issue the reject error. I read about this is postfix the definitive guide
. I think the reason was to prevent them from knowing what you were filtering on to help prevent them from working around it.
One other thing, you may also be able to implement restrictions in the ehlo portion of the transaction. Just something else to look into.