diff --git a/postfix/config.sls b/postfix/config.sls
new file mode 100644
index 0000000..f2e83b0
--- /dev/null
+++ b/postfix/config.sls
@@ -0,0 +1,43 @@
+include:
+ - postfix
+
+/etc/postfix:
+ file.directory:
+ - user: root
+ - group: root
+ - dir_mode: 755
+ - file_mode: 644
+ - makedirs: True
+
+/etc/postfix/main.cf:
+ file.managed:
+ - source: salt://postfix/files/main.cf
+ - user: root
+ - group: root
+ - mode: 644
+ - watch_in:
+ service: postfix
+ - template: jinja
+ - defaults:
+ smtpd_banner: {{ salt['pillar.get']('postfix:smtpd_banner', '$myhostname ESMTP $mail_name (Ubuntu)' )}}
+ biff: {{ salt['pillar.get']('postfix:biff', 'no' )}}
+
+ append_dot_mydomain: {{ salt['pillar.get']('postfix:append_dot_mydomain', 'no' )}}
+
+ readme_directory: {{ salt['pillar.get']('postfix:readme_directory', 'no' )}}
+
+ smtpd_tls_cert_file: {{ salt['pillar.get']('postfix:smtpd_tls_cert_file', '/etc/ssl/certs/ssl-cert-snakeoil.pem' )}}
+ smtpd_tls_key_file: {{ salt['pillar.get']('postfix:smtpd_tls_key_file', '/etc/ssl/private/ssl-cert-snakeoil.key' )}}
+ smtpd_use_tls: {{ salt['pillar.get']('postfix:smtpd_use_tls', 'yes' )}}
+ smtpd_tls_session_cache_database: {{ salt['pillar.get']('postfix:smtpd_tls_session_cache_database', 'btree:${data_directory}/smtpd_scache' )}}
+ smtp_tls_session_cache_database: {{ salt['pillar.get']('postfix:smtp_tls_session_cache_database', 'btree:${data_directory}/smtp_scache' )}}
+
+ myhostname: {{ salt['pillar.get']('postfix:myhostname', 'localhost' )}}
+ alias_maps: {{ salt['pillar.get']('postfix:alias_maps', 'hash:/etc/aliases' )}}
+ alias_database: {{ salt['pillar.get']('postfix:alias_database', 'hash:/etc/aliases' )}}
+ mydestination: {{ salt['pillar.get']('postfix:mydestination', 'localhost, localhost.localdomain, , localhost' )}}
+ relayhost: {{ salt['pillar.get']('postfix:relayhost', '' )}}
+ mynetworks: {{ salt['pillar.get']('postfix:mynetworks', '127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128' )}}
+ mailbox_size_limit: {{ salt['pillar.get']('postfix:mailbox_size_limit', '0' )}}
+ recipient_delimiter: {{ salt['pillar.get']('postfix:recipient_delimiter', '+' )}}
+ inet_interfaces: {{ salt['pillar.get']('postfix:inet_interfaces', 'all' )}}
diff --git a/postfix/files/main.cf b/postfix/files/main.cf
new file mode 100644
index 0000000..fc73480
--- /dev/null
+++ b/postfix/files/main.cf
@@ -0,0 +1,38 @@
+# See /usr/share/postfix/main.cf.dist for a commented, more complete version
+
+
+# Debian specific: Specifying a file name will cause the first
+# line of that file to be used as the name. The Debian default
+# is /etc/mailname.
+#myorigin = /etc/mailname
+
+smtpd_banner = {{ smtpd_banner }}
+biff = {{ biff }}
+
+# appending .domain is the MUA's job.
+append_dot_mydomain = {{ append_dot_mydomain }}
+
+# Uncomment the next line to generate "delayed mail" warnings
+#delay_warning_time = 4h
+
+readme_directory = {{ readme_directory }}
+
+# TLS parameters
+smtpd_tls_cert_file = {{ smtpd_tls_cert_file }}
+smtpd_tls_key_file = {{ smtpd_tls_key_file }}
+smtpd_use_tls = {{ smtpd_use_tls }}
+smtpd_tls_session_cache_database = {{ smtpd_tls_session_cache_database }}
+smtp_tls_session_cache_database = {{ smtp_tls_session_cache_database }}
+
+# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
+# information on enabling SSL in the smtp client.
+
+myhostname = {{ myhostname }}
+alias_maps = {{ alias_maps }}
+alias_database = {{ alias_database }}
+mydestination = {{ mydestination }}
+relayhost = {{ relayhost }}
+mynetworks = {{ mynetworks }}
+mailbox_size_limit = {{ mailbox_size_limit }}
+recipient_delimiter = {{ recipient_delimiter }}
+inet_interfaces = {{ inet_interfaces }}
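Review bot: The values under `defaults:` in postfix/config.sls are rendered into the YAML unquoted, so the fallbacks `'no'` and `'yes'` (biff, append_dot_mydomain, readme_directory, smtpd_use_tls) are re-parsed as booleans and the empty `relayhost` as null. The template would then most likely emit `smtpd_use_tls = True` and `relayhost = None`, neither of which Postfix reads as intended. Passing each value through a quoting filter keeps it a string, e.g. `smtpd_use_tls: {{ salt['pillar.get']('postfix:smtpd_use_tls', 'yes') | yaml_dquote }}`, and also keeps a pillar value containing `: ` or `#` from altering the state's structure. Separately, a minion with no pillar data gets `inet_interfaces: all` together with the snakeoil certificate and key, i.e. a listener on every interface presenting a self-signed certificate. `loopback-only` would be a safer fallback, with real certificate paths supplied from pillar before the listener is widened.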
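Review bot: The TLS block in postfix/files/main.cf enables server-side TLS only through the legacy `smtpd_use_tls` switch and sets no TLS level for the SMTP client, although `smtp_tls_session_cache_database` is configured. Outbound delivery therefore stays at the Postfix default, presumably cleartext. Consider templating `smtpd_tls_security_level = {{ smtpd_tls_security_level }}` and `smtp_tls_security_level = {{ smtp_tls_security_level }}`, with `may` as the fallback in config.sls. A first-line comment such as `# Managed by Salt (postfix/config.sls) - local edits will be overwritten` would also tell an operator on the host where the TLS settings come from.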