diff --git a/roles/mail_forwarder/playbook.yml b/roles/mail_forwarder/playbook.yml
new file mode 100644
index 0000000000000000000000000000000000000000..d9fdb2851794485c5b704c5efcf8fa32eb32b3dd
--- /dev/null
+++ b/roles/mail_forwarder/playbook.yml
@@ -0,0 +1,130 @@
+---
+
+- hosts: all
+ tasks:
+
+ - name: Update all caches to avoid errors due to missing remote archives
+ apt:
+ update_cache: yes
+
+- hosts: all
+ tasks:
+
+ - name: Set-up /etc/hosts entries
+ lineinfile:
+ dest: /etc/hosts
+ line: "{{ item.key }} {{ item.value }}"
+ with_dict:
+ 10.31.127.10: "mail-server domain1"
+ 10.31.127.20: "client1"
+ 10.31.127.30: "parameters-mandatory"
+ 10.31.127.31: "parameters-optional"
+
+- hosts: client1
+ tasks:
+
+ - name: Install SWAKS for testing SMTP capability
+ apt:
+ name: swaks
+ state: installed
+
+ - name: Install tool for testing TCP connectivity
+ apt:
+ name: hping3
+ state: installed
+
+ - name: Deploy CA certificate
+ copy:
+ src: tests/data/x509/ca.cert.pem
+ dest: /usr/local/share/ca-certificates/testca.crt
+ owner: root
+ group: root
+ mode: 0644
+ notify:
+ - Update CA certificate cache
+
+ handlers:
+
+ - name: Update CA certificate cache
+ command: /usr/sbin/update-ca-certificates --fresh
+
+- hosts: mail-server
+ tasks:
+
+ - name: Deploy CA certificate
+ copy:
+ src: tests/data/x509/ca.cert.pem
+ dest: /usr/local/share/ca-certificates/testca.crt
+ owner: root
+ group: root
+ mode: 0644
+ notify:
+ - Update CA certificate cache
+
+ - name: Deploy SMTP private key and certificate
+ copy:
+ src: "tests/data/x509/{{ item }}"
+ dest: "/etc/ssl/{{ item }}"
+ owner: root
+ group: root
+ mode: 0600
+ with_items:
+ - mail-server_smtp.cert.pem
+ - mail-server_smtp.key.pem
+
+ - name: Install Postfix
+ apt: name="postfix" state=installed
+
+ - name: Purge Exim configuration
+ apt: name="exim4*" state=absent purge=yes
+
+ - name: Deploy Postfix configuration
+ copy:
+ src: tests/data/main.cf
+ dest: /etc/postfix/main.cf
+ owner: root
+ group: root
+ mode: 0644
+ notify:
+ - Restart Postfix
+
+ handlers:
+
+ - name: Update CA certificate cache
+ command: /usr/sbin/update-ca-certificates --fresh
+
+ - name: Restart Postfix
+ service:
+ name: postfix
+ state: restarted
+
+- hosts: parameters-mandatory
+ roles:
+ - role: mail_forwarder
+
+ # Global common parameters.
+ tls_certificate_dir: tests/data/x509/
+
+- hosts: parameters-optional
+ roles:
+ - role: mail_forwarder
+ local_mail_aliases:
+ root: "root testuser"
+ smtp_relay_host: mail-server
+ smtp_relay_truststore: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"
+
+ # common
+ ca_certificates:
+ testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"
+
+- hosts: parameters-optional
+ tasks:
+
+ - name: Create additional group for testing local aliases
+ group:
+ name: testuser
+
+ - name: Create additional user for testing local aliases
+ user:
+ name: testuser
+ group: testuser
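Review bot: The `Deploy CA certificate` tasks in the client1 and mail-server plays add `tests/data/x509/ca.cert.pem` to the system trust store, and `Deploy SMTP private key and certificate` copies a key that is checked into the repository, yet nothing in the file marks these plays as meant for disposable test machines only. Key material kept under `tests/data` is presumably readable by anyone with the repository, so a host that trusts this CA by mistake would accept certificates that anyone can issue; a header comment such as `# Test playbook: installs a test CA and a checked-in private key. Run only against disposable test machines.` would make the scope explicit. Separately, the file modes are plain scalars (`mode: 0644`, `mode: 0600`) and depend on the YAML loader reading them as octal; `mode: "0644"` and `mode: "0600"` state the intent without relying on that. `state: installed` is a deprecated alias in the apt module, and `state: present` is the supported spelling.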