diff --git a/docs/_static/.keep b/docs/_static/.keep new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/docs/rolereference.rst b/docs/rolereference.rst index ae107deb91ca7d06c7d86868d0fde0f2f35f8d5e..d869acac5d554a0113b00fd6427109cda7b3efc2 100644 --- a/docs/rolereference.rst +++ b/docs/rolereference.rst @@ -1332,6 +1332,11 @@ Parameters UID/GID (they are set-up to be the same) of the dedicated website user/group. +**website_mail_recipients** (string, optional, ``root``) + Space-separated list of e-mails or local users to which the mails, sent to + either the website admin or website user, should be forwarded to. Forwarding + is configured via ``~/.forward`` configuration file. + Examples ~~~~~~~~ @@ -1370,6 +1375,7 @@ running *ownCloud* and *The Bug Genie* applications): value: error_page 404 /core/templates/404.php; additional_fpm_config: "env[PATH]": "\"/usr/local/bin:/usr/bin:/bin\"" + website_mail_recipients: "root john.doe@example.com" - role: php_website deny_files_regex: - ^\..* @@ -1540,6 +1546,11 @@ Parameters A list of additional packages to install for this particular WSGI appliction in its virtual environment using ``pip``. +**website_mail_recipients** (string, optional, ``root``) + Space-separated list of e-mails or local users to which the mails, sent to + either the website admin or website user, should be forwarded to. Forwarding + is configured via ``~/.forward`` configuration file. + **wsgi_application** (string, mandatory) WSGI application that should be started by Gunicorn. The format should be conformant to what the ``gunicorn`` command-line tool accepts. If the @@ -1577,6 +1588,7 @@ running a bare Django project): value: error_page 403 /static/403.html; - comment: Use custom page for non-existing locations/files. value: error_page 404 /static/404.html; + website_mail_recipients: "root john.doe@example.com" Database Server 
diff --git a/docs/usage.rst b/docs/usage.rst index ad763695ca03a4e0208a420967def0ac2d127dcb..10bc14097b7489e920e6a047b30d61d87b729fd7 100644 --- a/docs/usage.rst +++ b/docs/usage.rst @@ -1233,6 +1233,9 @@ Before we start, here is a couple of useful pointers regarding the * If you ever need to set some additional PHP FPM settings, this can easily be done via the ``additional_fpm_config`` role parameter. This particular example does not set any, though. +* Mails deliverd to local admin/application users are forwarded to ``root`` + account instead (this can be configured via ``website_mail_recipients`` role + parameter. * Static content (non-PHP) is served directly by *Nginx*. * Each web application gets distinct sub-directory under ``/var/www``, named after the FQDN. All sub-directories created under there are created with @@ -1479,6 +1482,9 @@ on the safe side: * If you ever need to set some environment variables, this can easily be done via the ``environment_variables`` role parameter. This particular example does not set any, though. +* Mails deliverd to local admin/application users are forwarded to ``root`` + account instead (this can be configured via ``website_mail_recipients`` role + parameter. * Static content is served directly by *Nginx*. * Each web application gets distinct sub-directory under ``/var/www``, named after the FQDN. All sub-directories created under there are created with diff --git a/roles/php_website/defaults/main.yml b/roles/php_website/defaults/main.yml index c7999d3bc254a1d1cf5375c0ad013010feb1a36e..532414485b726032cb23ba4ffd10f34c55ca992e 100644 --- a/roles/php_website/defaults/main.yml +++ b/roles/php_website/defaults/main.yml 
@@ -10,4 +10,5 @@ php_rewrite_urls: [] rewrites: [] https_tls_certificate: "{{ lookup('file', tls_certificate_dir + '/' + fqdn + '_https.pem') }}" https_tls_key: "{{ lookup('file', tls_private_key_dir + '/' + fqdn + '_https.key') }}" -additional_fpm_config: {} \ No newline at end of file +additional_fpm_config: {} +website_mail_recipients: "root" \ No newline at end of file diff --git a/roles/php_website/tasks/main.yml b/roles/php_website/tasks/main.yml index ddc5a58eb47746745a674825bc644b1b139a6045..30f41de6cc7f2d8775b622fe00d6fc18f86d2ac4 100644 --- a/roles/php_website/tasks/main.yml +++ b/roles/php_website/tasks/main.yml @@ -19,13 +19,19 @@ - name: Create PHP website user user: name="{{ user }}" uid="{{ uid | default(omit) }}" group="{{ user }}" comment="umask=0007" - system=yes createhome=no state=present + system=yes createhome=no state=present home="{{ home }}" - name: Add nginx user to website group user: name="www-data" groups="{{ user }}" append="yes" notify: - Restart nginx +# Ownership set to root so Postfix would not check if correct user owns the +# file. +- name: Set-up forwarding for mails delivered to local application user/admin + template: src="forward.j2" dest="{{ home }}/.forward" + owner="root" group="{{ user }}" mode=640 + - name: Install extra packages for website apt: name="{{ item }}" state=installed with_items: "{{ packages }}" diff --git a/roles/php_website/templates/forward.j2 b/roles/php_website/templates/forward.j2 new file mode 100644 index 0000000000000000000000000000000000000000..11db28e788d78182372d852cdb8f85746b85836c --- /dev/null +++ b/roles/php_website/templates/forward.j2 @@ -0,0 +1 @@ +{{ website_mail_recipients }} diff --git a/roles/wsgi_website/defaults/main.yml b/roles/wsgi_website/defaults/main.yml index 741fb6bc4983c35763b9f779d545dee8e98c2a78..fca42cb375e13679068be8e527c40792fbdbd94d 100644 --- a/roles/wsgi_website/defaults/main.yml +++ b/roles/wsgi_website/defaults/main.yml 
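Review bot: The root-owned `.forward` added in roles/php_website/tasks/main.yml only protects the recipient list if `{{ home }}` itself is not writable by the website user. If that directory is owned by or group-writable for `{{ user }}`, the application account can unlink or rename the file and drop in its own, and as far as I recall Postfix accepts a `.forward` owned by either root or the recipient. The task that creates `{{ home }}` is outside this hunk, so its owner and mode should be checked; the same applies to the identical task in roles/wsgi_website/tasks/main.yml. The comment would be clearer as `# Owned by root so the application user cannot edit the recipient list; group-readable so delivery running as that user can still read it.`, and `mode=0640` makes the octal intent explicit.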
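Review bot: `{{ website_mail_recipients }}` is written into `.forward` verbatim in roles/php_website/templates/forward.j2, with no check that it holds only addresses or local user names. The `.forward` syntax also accepts pipe-to-command, file-path and `:include:` destinations, so a typo or badly merged inventory value would become command execution or a file write as the website account whenever mail arrives. An `assert` task ahead of the template task could reject anything that does not match a conservative pattern such as `^[A-Za-z0-9@._+ -]+$`. It is also worth confirming that Postfix accepts the space-separated form the docs describe, since aliases(5) documents comma-separated destinations. The same template is added unchanged in roles/wsgi_website/templates/forward.j2.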
@@ -12,4 +12,5 @@ admin: "web-{{ fqdn | replace('.', '_') }}" https_tls_certificate: "{{ lookup('file', tls_certificate_dir + '/' + fqdn + '_https.pem') }}" https_tls_key: "{{ lookup('file', tls_private_key_dir + '/' + fqdn + '_https.key') }}" gunicorn_version: "19.6.0" -futures_version: "3.0.5" \ No newline at end of file +futures_version: "3.0.5" +website_mail_recipients: "root" \ No newline at end of file diff --git a/roles/wsgi_website/tasks/main.yml b/roles/wsgi_website/tasks/main.yml index 8d562b1f7df93515df3073d0bb8fccb5b2efd7f3..4a25fcc5a170f9ab6377de21b758c39115e7e685 100644 --- a/roles/wsgi_website/tasks/main.yml +++ b/roles/wsgi_website/tasks/main.yml @@ -26,13 +26,19 @@ - name: Create WSGI website user user: name="{{ user }}" uid="{{ uid | default(omit) }}" group="{{ user }}" comment="umask=0007" - system=yes createhome=no state=present + system=yes createhome=no state=present home="{{ home }}" - name: Add nginx user to website group user: name="www-data" groups="{{ user }}" append="yes" notify: - Restart nginx +# Ownership set to root so Postfix would not check if correct user owns the +# file. +- name: Set-up forwarding for mails delivered to local application user/admin + template: src="forward.j2" dest="{{ home }}/.forward" + owner="root" group="{{ user }}" mode=640 + - name: Install extra packages for website apt: name="{{ item }}" state=present with_items: "{{ packages }}" diff --git a/roles/wsgi_website/templates/forward.j2 b/roles/wsgi_website/templates/forward.j2 new file mode 100644 index 0000000000000000000000000000000000000000..11db28e788d78182372d852cdb8f85746b85836c --- /dev/null +++ b/roles/wsgi_website/templates/forward.j2 @@ -0,0 +1 @@ +{{ website_mail_recipients }} diff --git a/testsite/group_vars/web.yml b/testsite/group_vars/web.yml index 2cdfde5ee47a90c1b08fdcd0a5b72d5ba9777528..983c7bedadb580e28d320d2ff818e46f416f94bb 100644 --- a/testsite/group_vars/web.yml +++ b/testsite/group_vars/web.yml 
@@ -14,3 +14,5 @@ web_default_title: "Welcome to Example Inc." web_default_message: "You are attempting to access the web server using a wrong name or an IP address. Please check your URL." db_root_password: "root" + +website_mail_recipients: "john.doe@example.com" \ No newline at end of file