Preventing From: address spoofing

[jchristgit]

Currently services can send e-mails as users, and vice versa. Users can also
send e-mails as other users.

We should validate that the user sending an e-mail owns the address (can also be
an alias) before being able to send.

Most likely, we can use Postfix's smtpd_sender_login_maps for this.

[jb3]

To handle this, we need to:

• Handle a user sending from their own account (joe@pydis.wtf)
• Handle a user sending from a domain alias (joe@owlcorp.uk)
• Handle a user sending as a group they are a member of (devops@pydis.wtf)
• Allow services to send as any @int.pydis.wtf address OR a granted address (e.g. fredrick@pydis.wtf)