As recommended you should add reject_sender_login_mismatch to your sender_restrictions to only allow users to send with their own address as FORM. Anyways some special cases are requiring you to login with one address, but send as another like WordPress on most php setups tries to. I created an account called relay@mydomain.de and changed some settings to allow this specific user to send with all addresses.
main.cf
sender_restrictions = reject_sender_login_mismatch,...
master.cf
submission inet n - y - - smtpd -v
...
-o smtpd_sender_restrictions=$sender_restrictions
-o smtpd_sender_login_maps=mysql:/etc/postfix/sql/sender_acl.cf
...
sql/sender_acl.cf
user = mail
password = passwd
hosts = localhost
dbname = mail
query = select concat(username, '@', domain) as 'res' from accounts where username = '%u' AND domain = '%d' union select destination AS 'res' from aliases where source = '%u@%d' union select login AS 'res' from sender_acl where send_as = '%s' OR send_as = '@%d' OR send_as = '*';
sender_acl.sql
CREATE TABLE `sender_acl` (
`id` int(10) UNSIGNED NOT NULL,
`send_as` varchar(100) NOT NULL,
`login` varchar(100) NOT NULL
);
INSERT INTO `sender_acl` (`id`, `send_as`, `login`) VALUES
(1, '*', 'relay@mydomain.de');
send_as can be set to “mydomain.de” or “anotherdomain.de” to allow every address (*@mydomain.de) of that specific domain or to “*” (star) to allow to send without any restrictions.
As always don’t forget the risks such a setup could cause.