The AuthzUser Plugin
This SpamAssassin plugin module allows you to use a standard HTGroup file to control access to certain services via the services_authorized_for_username plugin hook.
...
Add the above configuration to your local.cf file. Also, you will need to set the bayes_sql_username_authorized config option to active the BayesSQL checking.