I discovered this after Postfix had crashed under the weight of spam a machine on my ISP's local subnet was sending through me.
The fix is to change
mynetworks_stylefrom the default of
host. You do use authenticated sending only, right? (check
permit_sasl_authenticatedand not a lot else).
I debugged this and was up to 2am last night clearing up after the mess.