diff --git a/roles/mailserver/init.sls b/roles/mailserver/init.sls
--- a/roles/mailserver/init.sls
+++ b/roles/mailserver/init.sls
@@ -5,4 +5,5 @@
 #   License:        Trivial work, not eligible to copyright
 #   -------------------------------------------------------------
 
-#   This state is left intentionally blank.
+include:
+  - .postfix
diff --git a/roles/mailserver/map.jinja b/roles/mailserver/map.jinja
new file mode 100644
--- /dev/null
+++ b/roles/mailserver/map.jinja
@@ -0,0 +1,16 @@
+{% set postfix_dirs = salt['grains.filter_by']({
+    'FreeBSD' : {
+        'daemon': '/usr/local/libexec/postfix',
+        'queue': '/var/spool/postfix',
+        'data': '/var/db/postfix',
+        'shlib': '/usr/local/lib/postfix',
+        'cacerts': '/etc/ssl/certs',
+    },
+    'Debian' : {
+       'daemon':  '/usr/lib/postfix',
+       'queue': '/var/spool/postfix',
+       'data': '/var/lib/postfix',
+       'shlib': '/usr/lib/postfix',
+       'cacerts': '/etc/ssl/certs',
+    }
+}, default='Debian') %}
diff --git a/roles/mailserver/postfix/files/main.cf b/roles/mailserver/postfix/files/main.cf
new file mode 100644
--- /dev/null
+++ b/roles/mailserver/postfix/files/main.cf
@@ -0,0 +1,86 @@
+#   -------------------------------------------------------------
+#   Postfix main configuration
+#   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+#   Project:        Nasqueron
+#   License:        Trivial work, not eligible to copyright
+#   Source file:    roles/mailserver/postfix/files/main.cf
+#   -------------------------------------------------------------
+#
+#   <auto-generated>
+#       This file is managed by our rOPS SaltStack repository.
+#
+#       Changes to this file may cause incorrect behavior
+#       and will be lost if the state is redeployed.
+#   </auto-generated>
+
+compatibility_level = 3.8
+
+#   -------------------------------------------------------------
+#   Postfix directories
+#   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+command_directory = {{ dirs.sbin }}
+daemon_directory = {{ postfix_dirs.daemon }}
+data_directory = {{ postfix_dirs.data }}
+html_directory = {{ dirs.share }}/doc/postfix
+manpage_directory = {{ dirs.man }}
+meta_directory = {{ dirs.etc }}/postfix
+queue_directory = {{ postfix_dirs.queue }}
+readme_directory = {{ dirs.share }}/doc/postfix
+sample_directory = {{ dirs.etc }}/postfix
+shlib_directory = {{ postfix_dirs.shlib }}
+
+#   -------------------------------------------------------------
+#   External utilities
+#   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+mailq_path = {{ dirs.bin }}/mailq
+newaliases_path = {{ dirs.bin }}/newaliases
+sendmail_path = {{ dirs.sbin }}/sendmail
+
+#   -------------------------------------------------------------
+#   UNIX users and groups
+#   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+mail_owner = postfix
+setgid_group = maildrop
+
+#   -------------------------------------------------------------
+#   Debug
+#   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+debug_peer_level = 2
+
+debugger_command =
+         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
+         ddd $daemon_directory/$process_name $process_id & sleep 5
+
+#   -------------------------------------------------------------
+#   Network
+#   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+inet_protocols = all
+mynetworks_style = host
+
+#   -------------------------------------------------------------
+#   Mail
+#   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+mydestination = localhost
+unknown_local_recipient_reject_code = 550
+
+#   -------------------------------------------------------------
+#   TLS certificates
+#   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+smtp_tls_CApath = {{ postfix_dirs.cacerts }}
+
+smtpd_use_tls=yes
+smtpd_tls_cert_file=/usr/local/etc/letsencrypt/live/mail.nasqueron.org/fullchain.pem
+smtpd_tls_key_file=/usr/local/etc/letsencrypt/live/mail.nasqueron.org/privkey.pem
+
+smtpd_tls_mandatory_ciphers = high
+smtpd_tls_mandatory_exclude_ciphers = aNULL,MD5
+smtpd_tls_security_level = may
+smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3
+
diff --git a/roles/mailserver/postfix/init.sls b/roles/mailserver/postfix/init.sls
new file mode 100644
--- /dev/null
+++ b/roles/mailserver/postfix/init.sls
@@ -0,0 +1,29 @@
+#   -------------------------------------------------------------
+#   Mail - Postfix
+#   -------------------------------------------------------------
+#   Project:        Nasqueron
+#   License:        Trivial work, not eligible to copyright
+#   Source file:    roles/mailserver/postfix.sls
+#   -------------------------------------------------------------
+
+{% from "map.jinja" import dirs with context %}
+{% from "roles/mailserver/map.jinja" import postfix_dirs with context %}
+
+#   -------------------------------------------------------------
+#   Software
+#   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+postfix:
+  pkg.installed
+
+#   -------------------------------------------------------------
+#   Configuration
+#   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+{{ dirs.etc }}/postfix/main.cf:
+  file.managed:
+    - source: salt://roles/mailserver/files/main.cf
+    - template: jinja
+    - context:
+        dirs: {{ dirs }}
+        postfix_dirs: {{ postfix_dirs }}
diff --git a/roles/mailserver/postfix/main.cf b/roles/mailserver/postfix/main.cf
new file mode 100644