The email to fax gateway is a work in progress. Here is a small explanation of the access control mechanism it proposes. This may evolve in the future. So, comments are welcome.
An access rule may be open or selective. Mostly, you can specify whether faxes are accepted from anywhere, only from the local net, only from fax users, or only from a member of the user list.
You may require that email from fax users be PGP signed, so you are sure they came from that user.