You could try something like this in your LocalSettings.php
$wgNamespaceProtection[NS_MAIN] = array( 'main-edit' );
$wgGroupPermissions['sysop']['main-edit'] = true;
$wgNamespaceProtection[NS_MAIN_TALK] = array( 'talk-edit' );
$wgGroupPermissions['*']['talk-edit'] = true;
(un-tested)