Hmm.. I might got this wrong, but don't you need a mapping file to make that work? Is this really denying a logged in user to spoof it's FROM address? I always had to implement a mapping file.

Which would probably look like:
main.cf:

...
smtpd_sender_login_maps = pcre:mapping.file
...

and the
mapping.file:

/^(.*)$/   ${1}

All from memory, but it took me quite a while back than to figure that out.. So it sticks! ;)
And yes, this would map every user to only his mailaccount.

Great idea! It is not working in my implemention, I actually created another pull request but there was a problem with requipment of mapping users. Could you fix this please?

I will fix it, if you implement a test for it! ;)

I am not familiar with tests that are used in this image, but I could try...

#825 - here is another pull request. Unfortunately working only with ldap.

Oh, great find! :) That would probably be replaceable with my idea.. I'll have a look
So let them do the work! ;)