Allow untrusted routing
allow_untrusted_routing

This parameter controls if Postfix will forward mail with sender-specified routing (user[@%!]remote[@%!]site) from untrusted clients to destinations that are blessed by the relay_domains parameter.

By default, untrusted clients are not allowed to specify routing. This closes a nasty open relay loophole where a backup MX host can be tricked into forwarding junk mail to a primary MX host which then spams it out to the world.