diff --git a/tasks/postfix.yml b/tasks/postfix.yml
index fa212be..a707bd7 100644
--- a/tasks/postfix.yml
+++ b/tasks/postfix.yml
@@ -46,6 +46,7 @@
     - relay_by_sender
     - relay_checks
     - sender_checks
+    - smtp_sasl_auth_password
     - transport_global_exceptions
     - transport_relay
   notify: reload postfix
diff --git a/templates/postfix/conf.d/smtp_sasl_auth_password.j2 b/templates/postfix/conf.d/smtp_sasl_auth_password.j2
new file mode 100644
index 0000000..74db908
--- /dev/null
+++ b/templates/postfix/conf.d/smtp_sasl_auth_password.j2
@@ -0,0 +1,5 @@
+#{{ ansible_managed }}
+
+{% if postfix_smtp_sasl_auth is defined %}
+{{ "%-50s %s:%s" | format(postfix_smtp_sasl_auth_relay, postfix_smtp_sasl_auth_user, postfix_smtp_sasl_auth_password) }}
+{% endif %}
diff --git a/templates/postfix/main.cf.j2 b/templates/postfix/main.cf.j2
index 3977884..fb97418 100644
--- a/templates/postfix/main.cf.j2
+++ b/templates/postfix/main.cf.j2
@@ -123,7 +123,12 @@ smtpd_sasl_exceptions_networks = {{ postfix_smtpd_sasl_exceptions_networks | joi
 ### SMTP Auth client side
 smtp_sasl_auth_enable = yes
 smtp_sasl_auth_soft_bounce = no
-smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
+{% if postfix_smtp_sasl_password_maps is defined %}
+smtp_sasl_password_maps =
+{% for map in postfix_smtp_sasl_password_maps %}
+    {{ map.type }}:{{ map.path }}
+{% endfor %}
+{% endif %}
 smtp_sasl_security_options = noanonymous
 {% endif %}