I would try to put here a sample configuration for Postfix to use it with virtual domains, virtual mailboxes, virtual lists and obviously MLAPD.

With something like the following in your main.cf file, you should be able to permit to your Postfix installation to do the job. Please give also a look to the HowToPopulateLDAP page to have an idea of how the LDAP should be populated.

virtual_mailbox_domains = ldap:domains
virtual_mailbox_base = /path/to/store/
virtual_mailbox_maps = ldap:mailboxes
virtual_alias_maps = ldap:groups
virtual_minimum_uid = 2
virtual_uid_maps = static:8
virtual_gid_maps = static:12

domains_server_host = ldap://localhost
domains_server_port = 389
domains_search_base = dc=root,dc=dn
domains_scope = one
domains_query_filter = (&(dc=%s)(objectClass=domain))
domains_result_attribute = dc

mailboxes_server_host = ldap://localhost
mailboxes_server_port = 389
mailboxes_search_base = dc=root,dc=dn
mailboxes_scope = sub
mailboxes_query_filter = (&(|(mail=%s)(mailalternateaddress=%s))(objectClass=mailrecipient))
mailboxes_result_attribute = mailmessagestore

groups_server_host = ldap://localhost
groups_server_port = 389
groups_search_base = dc=root,dc=dn
groups_scope = sub
groups_query_filter = (&(mgrpdeliverto=%s)(objectClass=mailgroup))
groups_result_attribute = mgrprfc822mailmember

For the MLAPD integration basically you need to modify the main.cf again enabling the check_policy_service keyword as one of yours smtpd_recipient_restrictions or smtpd_data_restrictions.

e.g.

smtpd_recipient_restrictions = ..., reject_unauth_destination, check_policy_service inet:127.0.0.1:7777

As suggested also by the Postfix SMTPD_POLICY_README, you should always specify "check_policy_service" AFTER "reject_unauth_destination" otherwise your system could become an open relay.