If you have not already read Postfix SMTP relay and access control, please do so right away. There are a number of guidelines there about making sure that your Postfix server is secured. In particular:
By default, Postfix has a moderately restrictive approach to mail relaying.
Postfix forwards mail only from clients in trusted networks, from clients
that have authenticated with SASL, or to domains that are configured as
authorized relay destinations.
If you have added or removed any restrictions to smtpd_relay_restrictions, review them very carefully to make sure that you have not made them more permissive than they need to be.
EDIT: In your particular case, this is almost certainly the problem:
mynetworks = all
The mynetworks variable should only contain networks that are under your direct ownership or control, like a LAN in the office where the mail server is installed. See Postfix Configuration Parameters:
mynetworks (default: see "postconf -d" output)
The list of "trusted" remote SMTP clients that have more privileges than "strangers".
In particular, "trusted" SMTP clients are allowed to relay mail through Postfix.
There may be other issues with your configuration, but this is the one that jumped right out.
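A way to audit the mynetworks setting discussed in the answer above, as an added example that is not part of the original answer or of Postfix itself. It assumes single-line `name = value` text as printed by `postconf -n`; the sample configuration, the function names and the list of ranges treated as local are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in the style of `postconf -n` output (not from the original question).
SAMPLE = """\
myhostname = mail.example.com
mynetworks = 127.0.0.0/8 [::1]/128 192.168.10.0/24 0.0.0.0/0 all 203.0.113.0/24
"""

# Assumption: loopback, RFC 1918, IPv6 unique-local and link-local count as "local".
LOCAL = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "::1/128", "fc00::/7", "fe80::/10")]

def mynetworks_entries(config_text):
    """Return the comma/whitespace separated values of the mynetworks line."""
    for line in config_text.splitlines():
        name, sep, value = line.partition("=")
        if sep and name.strip() == "mynetworks":
            return [v for v in re.split(r"[,\s]+", value.strip()) if v]
    return []

def audit_entry(entry):
    """Classify one entry as ('ok' | 'review' | 'danger', reason)."""
    # Exclusions (!pattern), file names and type:table lookups need a human.
    if entry.startswith(("!", "/")) or (":" in entry and not entry.startswith("[")):
        return "review", "exclusion, file or lookup table; inspect by hand"
    text = entry.replace("[", "").replace("]", "")  # Postfix writes IPv6 as [addr]/len
    try:
        net = ipaddress.ip_network(text, strict=False)
    except ValueError:
        return "danger", "not an address or CIDR network you can point to"
    if net.prefixlen == 0:
        return "danger", "matches every client on the Internet"
    if any(net.version == r.version and net.subnet_of(r) for r in LOCAL):
        return "ok", "loopback or private range"
    return "review", "public range; confirm it is under your control"

def audit(config_text):
    """Return [(entry, level, reason), ...] for every mynetworks entry."""
    return [(e, *audit_entry(e)) for e in mynetworks_entries(config_text)]

if __name__ == "__main__":
    for entry, level, reason in audit(SAMPLE):
        print(f"{level:7} {entry:18} {reason}")
```

Anything reported as danger or review should be checked against the networks you actually own before permit_mynetworks is allowed to relay for it.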