diff --git a/pillar.example b/pillar.example index 4d12ba1..5214ac7 100644 --- a/pillar.example +++ b/pillar.example @@ -32,9 +32,37 @@ postfix: alias_maps: hash:/etc/aliases alias_database: hash:/etc/aliases + # Virtual users + virtual_alias_maps: proxy:mysql:/etc/postfix/virtual_alias_maps.cf + virtual_mailbox_domains: proxy:mysql:/etc/postfix/virtual_mailbox_domains.cf + virtual_mailbox_maps: proxy:mysql:/etc/postfix/virtual_mailbox_maps.cf + virtual_mailbox_base: /home/vmail + virtual_mailbox_limit: 512000000 + virtual_minimum_uid: 5000 + virtual_transport: virtual + virtual_uid_maps: static:5000 + virtual_gid_maps: static:5000 + + local_transport: virtual + local_recipient_maps: $virtual_mailbox_maps + transport_maps: hash:/etc/postfix/transport + # SMTP server smtpd_tls_session_cache_database: btree:${data_directory}/smtpd_scache smtpd_use_tls: 'yes' + smtpd_sasl_auth_enable: 'yes' + smtpd_sasl_type: dovecot + smtpd_sasl_path: /var/run/dovecot/auth-client + smtpd_recipient_restrictions: permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination + smtpd_relay_restrictions: permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination + smtpd_sasl_security_options: noanonymous + smtpd_sasl_tls_security_options: $smtpd_sasl_security_options + smtpd_tls_auth_only: 'yes' + smtpd_sasl_local_domain: $mydomain + smtpd_tls_loglevel: 1 + smtpd_tls_session_cache_timeout: 3600s + + relay_domains: '$mydestination' # SMTP server certificate and key (from pillar data) smtpd_tls_cert_file: /etc/postfix/ssl/server-cert.crt 
@@ -47,13 +75,19 @@ postfix:
 smtp_tls_key_file: /etc/postfix/ssl/example.com-relay-client-cert.key
 smtp_sasl_password_maps: hash:/etc/postfix/sasl_passwd
- sender_canonical_maps: hash:/etc/postfix/sender_canonical
- relay_recipient_maps: hash:/etc/postfix/relay_domains
- virtual_alias_maps: hash:/etc/postfix/virtual
+ transport:
+ DOMAIN_NAME: ':[IP_ADDRESS]'
+
+ vmail:
+ user: postfix_user
+ password: DB_PASSWD
+ hosts: DB_HOST
+ dbname: postfix_db
+
 certificates:
 server-cert:
 public_cert: |
diff --git a/postfix/config.sls b/postfix/config.sls
index 2dd21b4..0554677 100644
--- a/postfix/config.sls
+++ b/postfix/config.sls
@@ -20,6 +20,45 @@ include:
 - watch_in:
 - service: postfix
 - template: jinja
+
+{% if 'vmail' in pillar.get('postfix', '') %}
+/etc/postfix/virtual_alias_maps.cf:
+ file.managed:
+ - source: salt://postfix/files/virtual_alias_maps.cf
+ - user: root
+ - group: postfix
+ - mode: 640
+ - require:
+ - pkg: postfix
+ - watch_in:
+ - service: postfix
+ - template: jinja
+
+/etc/postfix/virtual_mailbox_domains.cf:
+ file.managed:
+ - source: salt://postfix/files/virtual_mailbox_domains.cf
+ - user: root
+ - group: postfix
+ - mode: 640
+ - require:
+ - pkg: postfix
+ - watch_in:
+ - service: postfix
+ - template: jinja
+
+/etc/postfix/virtual_mailbox_maps.cf:
+ file.managed:
+ - source: salt://postfix/files/virtual_mailbox_maps.cf
+ - user: root
+ - group: postfix
+ - mode: 640
+ - require:
+ - pkg: postfix
+ - watch_in:
+ - service: postfix
+ - template: jinja
+{% endif %}
+
 {% if salt['pillar.get']('postfix:manage_master_config', True) %}
 /etc/postfix/master.cf:
 file.managed:
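Review bot: The three `file.managed` states under `{% if 'vmail' in pillar.get('postfix', '') %}` render map files that carry the `password` key from `postfix:vmail`, and with the default `show_changes` every run that alters one of them prints the rendered contents, credential included, into the state output and job cache; add `- show_changes: False` to each of the three states. The guard uses a string default, `pillar.get('postfix', '')`, where `'vmail' in ''` is false only by accident of type; `pillar.get('postfix', {})` says what is meant, and the same shape recurs for `'transport'` in the next hunk. `- group: postfix` with `- mode: 640` is the right restriction for a file that the `proxy:mysql:` lookups in pillar.example need to read and nobody else should; keep it when these states are touched. The three stanzas differ only in the file name, so a `{% for name in ('virtual_alias_maps', 'virtual_mailbox_domains', 'virtual_mailbox_maps') %}` loop over one stanza would keep the permissions and dependencies from drifting apart.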
@@ -34,9 +73,31 @@ include: - template: jinja {% endif %} +{% if 'transport' in pillar.get('postfix', '') %} +/etc/postfix/transport: + file.managed: + - source: salt://postfix/files/transport + - user: root + - group: root + - mode: 644 + - require: + - pkg: postfix + - watch_in: + - service: postfix + - template: jinja + +run-postmap: + cmd.wait: + - name: /usr/sbin/postmap /etc/postfix/transport + - cwd: / + - watch: + - file: /etc/postfix/transport +{% endif %} + {%- for domain in salt['pillar.get']('postfix:certificates', {}).keys() %} postfix_{{ domain }}_ssl_certificate: + file.managed: - name: /etc/postfix/ssl/{{ domain }}.crt - makedirs: True diff --git a/postfix/files/transport b/postfix/files/transport new file mode 100644 index 0000000..8db7092 --- /dev/null +++ b/postfix/files/transport @@ -0,0 +1,17 @@ +# +# This file is managed by salt +# + +{% set config = salt['pillar.get']('postfix:transport', {}) -%} +{% macro set_parameter(parameter, default=None) -%} +{% set value = config.get(parameter, default) -%} +{% if value is not none -%} +{{ parameter }} {{ value }} +{% endif -%} +{% endmacro -%} + +{# Accept arbitrary parameters -#} +{% for parameter in config -%} +{{ set_parameter(parameter) }} +{% endfor -%} + diff --git a/postfix/files/virtual_alias_maps.cf b/postfix/files/virtual_alias_maps.cf new file mode 100644 index 0000000..dc4f9ca --- /dev/null +++ b/postfix/files/virtual_alias_maps.cf @@ -0,0 +1,17 @@ +{% set config = salt['pillar.get']('postfix:vmail', {}) -%} +{% macro set_parameter(parameter, default=None) -%} +{% set value = config.get(parameter, default) -%} +{% if value is not none -%} +{{ parameter }} = {{ value }} +{% endif -%} +{% endmacro -%} + +{# Accept arbitrary parameters -#} +{% for parameter in config -%} +{{ set_parameter(parameter) }} +{% endfor -%} + +{{ set_parameter('table', 'alias') }} +{{ set_parameter('select_field', 'goto') }} +{{ set_parameter('where_field', 'address') }} + 
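Review bot: `{{ parameter }} {{ value }}` writes each `postfix:transport` value into the map unquoted and untyped, so a pillar value that is a list or mapping renders as its Python string form rather than a transport(5) nexthop, and a key set to null is silently dropped by the `is not none` test. The template says nothing about the pillar shape it expects; a header comment such as `{# postfix:transport maps transport(5) lookup keys to nexthop strings; quote values that begin with ':' or '[' in pillar, as pillar.example does with ':[IP_ADDRESS]' #}` would capture it. `set_parameter` accepts a `default` argument that no call site in this file passes; harmless, but a reader may look for an override path that does not exist.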
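Review bot: The `for parameter in config` loop writes every `postfix:vmail` key before the trailing `set_parameter('table', 'alias')`, `select_field` and `where_field` calls, so if pillar sets any of those three keys the rendered file contains that key twice, and because all three `.cf` templates read the same `postfix:vmail` mapping such an override lands in every map rather than in one; a `{% if parameter not in ('table', 'select_field', 'where_field') %}` guard inside the loop, or a comment stating that these three keys are fixed per map, would make the contract explicit. The same macro, loop and default trio are repeated verbatim in virtual_mailbox_domains.cf and virtual_mailbox_maps.cf; moving `set_parameter` and the loop into one shared Jinja file that the three templates import would leave each map file as just its three table-specific lines. The rendered file holds the database password from the `password` key, which is why `- mode: 640` and `- group: postfix` in config.sls matter; a one-line comment at the top of each template saying so would stop a later change from loosening them.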
diff --git a/postfix/files/virtual_mailbox_domains.cf b/postfix/files/virtual_mailbox_domains.cf
new file mode 100644
index 0000000..3439c99
--- /dev/null
+++ b/postfix/files/virtual_mailbox_domains.cf
@@ -0,0 +1,17 @@
+{% set config = salt['pillar.get']('postfix:vmail', {}) -%}
+{% macro set_parameter(parameter, default=None) -%}
+{% set value = config.get(parameter, default) -%}
+{% if value is not none -%}
+{{ parameter }} = {{ value }}
+{% endif -%}
+{% endmacro -%}
+
+{# Accept arbitrary parameters -#}
+{% for parameter in config -%}
+{{ set_parameter(parameter) }}
+{% endfor -%}
+
+{{ set_parameter('table', 'domain') }}
+{{ set_parameter('select_field', 'domain') }}
+{{ set_parameter('where_field', 'domain') }}
+
diff --git a/postfix/files/virtual_mailbox_maps.cf b/postfix/files/virtual_mailbox_maps.cf
new file mode 100644
index 0000000..7711f98
--- /dev/null
+++ b/postfix/files/virtual_mailbox_maps.cf
@@ -0,0 +1,17 @@
+{% set config = salt['pillar.get']('postfix:vmail', {}) -%}
+{% macro set_parameter(parameter, default=None) -%}
+{% set value = config.get(parameter, default) -%}
+{% if value is not none -%}
+{{ parameter }} = {{ value }}
+{% endif -%}
+{% endmacro -%}
+
+{# Accept arbitrary parameters -#}
+{% for parameter in config -%}
+{{ set_parameter(parameter) }}
+{% endfor -%}
+
+{{ set_parameter('table', 'mailbox') }}
+{{ set_parameter('select_field', 'maildir') }}
+{{ set_parameter('where_field', 'username') }}
+