Here is all I need and I've done for this which has written in official site.

Access policy
Access restriction requires iRedAPD plugin sql_alias_access_policy, please make sure it's enabled in iRedAPD config file /opt/iredapd/settings.py.

You can restrict which senders are allowed to send email to this mail alias account by adding proper policy name in SQL column alias.accesspolicy. For example:

sql> UPDATE alias SET accesspolicy='domain' WHERE address='alias@mydomain.com';
Available access policies:

Access Policy Name    Comment
public    no restrictions
domain    all users under same domain are allowed to send email to this mail alias account.
subdomain    all users under same domain and all sub-domains are allowed to send email to this mail alias account.
membersonly    only members of this mail alias account are allowd.
moderatorsonly    only moderators of this mail alias account are allowed.
membersandmoderatorsonly    only members and moderators of this mail alias account are allowed.

How to assign a moderator
Moderators are email addresses stored in SQL table moderators. With iRedAPD-1.4.5 and later releases, it's ok to use *@domain.com as (one of) moderator for all users under mail domain 'domain.com'.

To assign user someone@gmail.com and someone@outlook.com as moderator of mail alias alias@mydomain.com:

sql> INSERT INTO moderators (address, moderator, domain, dest_domain)
                    VALUES ('alias@mydomain.com', 'someone@gmail.com', 'mydomain.com', 'gmail.com');

sql> INSERT INTO moderators (address, moderator, domain, dest_domain)
                    VALUES ('alias@mydomain.com', 'someone@outlook.com', 'mydomain.com', 'outlook.com');

https://docs.iredmail.org/sql.create.mail.alias.html