Is your feature request related to a problem? Please describe.
For the Postmark provider it (annoyingly) authenticates the webhook using one of my app's users via HTTP basic auth. It's kinda silly to have to setup a special user in my app just to authenticate the webhooks. Then I would want to add logic to my login page's controller to exclude the possibility of logging in as that user on the main website for if those credentials where somehow leaked.

Describe the solution you'd like
In my opinion it makes much more sense to authenticate the webhook by IP address instead of the current method. And maybe add a config value to add additional IP's such as localhost or other special purpose IP's for testing.

Describe alternatives you've considered
I have extended receiver with my own Postmark provider to accomplish this for now.

Additional context