Try adding the following to your main.cf:
Code:
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sender_restrictions = reject_unknown_sender_domain
This help prevents any one from sending mail through your server without logging in first.