This is probably better done with
check_sender_access than with
header_checks, e.g.:
Code:
smtpd_recipient_restrictions =
permit_mynetworks
reject_unauth_destination
check_sender_access hash:/etc/postfix/sender_access
sender_access:
Code:
baduser@example.com REJECT
Then, run
Code:
postmap /etc/postfix/sender_access