diff --git a/group_vars/all/vault.yml b/group_vars/all/vault.yml
index 329ade5..528f517 100644
--- a/group_vars/all/vault.yml
+++ b/group_vars/all/vault.yml
@@ -1,34 +1,41 @@
 $ANSIBLE_VAULT;1.1;AES256
-35656330333661626336313338653930656431376632383430306534623037363634636665343663
-6263626531383966323434623136316332316264303733320a366463616239663666366233643361
-62346437326330643833346464326535383163613766303031353332366561636261306361366638
-3834313434633836610a386632336361333234333832366665663636313161643064636462393633
-36353164323165613862656366396638393365633433393365643635356233303564646664633232
-62633934386639353262643163323133353766616132396234346234616162616139346431663861
-64316230373961656230666335366361373531643738343736613336653634613366306363623232
-65653036646239613332313036366134376465623362633036343831623663613562633838313835
-65393433323934633334663966616263393462383564303635323837616165366138636231373564
-62373436636631373130623836333964393761343539366666633530303037393132613461363633
-61653735323030636136376631373462646163343930383062356632666234353034376364653638
-32343038336661343538663165333432353632633030363335333865646366393038373361623132
-65363037336566633466653866336364666130343865353334383662616662613132353338643234
-37346631323139316630323132656135646266356636656634376430386163636630653335376565
-30303638356134323062353732353866643136613837363335613933343264356266656430343637
-35333965383833396266633563616261393232386536613635313835303135303866396166616233
-64363631373531623066386438323262613866303965396461323964363362393963383633643166
-64353230366231326339353231393161636439303730306332306461396337376161633266383666
-37623261656132393062313961633262346230323665393730386261623665346232626263383332
-32646338383335633236316662643239303238623330376231316664386232646630363562346534
-34626563643735356231373438376365316162396465666133646238623739333632316339393833
-30383565396430396139363033653531656233303464626234386364626135386432663837353863
-64303262643166623530643436346634366163373365323737643739626364353462663066616637
-65663464386238656163383037656361343132346636666338646431373232393434363364333833
-33386461633433323937343335653839623139633832333266323834613466383633643435383537
-31393863646137356239626332356138623130656436353636353361356530623039373239376633
-34626261336566366261643961353066366639363836326664363439616638313837343231663133
-30663363376265393838383164663236303264323063363565323238366235373731346531363262
-63366561306639323962303737336434646361623662626438306136623635623666623462373237
-62323232393538666137323763656162376633383566353337346433623630306362646337333734
-63356435626435396634333662613839343235633031383230326262316137303539623436623830
-64363738616131333831663635613739343763356362373230343064333239633534346531363963
-3538
+62653832366533633630666164373335323639346135306332363862666664366665636331363763
+6130613737633137346130376266306439363232316163320a653036616261323530656531383962
+35623365323866346132303933353766633635663736346234663630306437393533663130336536
+6237623036636139360a656132396561646130646435306537326235616563643338623838373033
+30353131343363633031333165626465623635313239353131323363363564656337623265386230
+66376138363361396163316431346632666433396361356433353363336166646435393036633162
+63656430666435303365636236356537633239346565666361616366306666653236616232633434
+65323038643136346661343636346265393137336333663339336630386339393865633437363332
+32313937323566393761303065663039616530333639663266666133336630656535326638376665
+36363931313364616230346261316263386161643430333932653936623538613738333632353330
+39366164346166656430616466316264376437333263616466393963303339323234626331626661
+66373932396139636461306434343266373438663663613338306538343438313432353366323433
+38643431396532316239316230616661633064353463366331643763303239343835333338623163
+36356637316265376135633364386262363361333937653936663535376234393031633865313062
+34316333373139336634316366656632646130343539623231643839343362366238306537376563
+32613739366466366230313763616234393362666563336335636238663537383162376331376161
+64353736346332613962376335626163373662663231656263363232633663633565356336306633
+66386461633566623265623535373035346462613637303130373962393237346466323237333439
+35366163323033383839373866363733343030333464666362633031656332653138653439366639
+33386137616164323465663964393732373933313839383465323961323433356531306565376530
+32303132303936313639373935376130363237326661633831616131376138313231396138383232
+39303231323436366634343432316433383530323332613563656331363235336564663737306163
+34653937316132633661306138613161323230646363363764623034663664323464303634303230
+33623364646332396562333064336366363633633439373634316561393565316265616462616662
+31626339363239313462386664323666323131373363366430393734336566393031353563363836
+30353765313161633262623865376230373730663966663966626430613464643938303534333962
+37653963636565663037386438373530383930653463643535653536616661616531633032363763
+63393263353534373830313436646563633935303731386563323561623030376432616636616531
+61323463333862623036653963663436333334393435343332346235373736646135633161356539
+64396634613334643339626131646365616164623761613439356232383061353665336637336165
+38623266643663333236386237663033663436396235393636366166646662393264616661383036
+32376266636334663630626437326262303431613331626337356438386238303964383531323361
+62333763376335393134353865626661336161666234343165613430373932343861336236363639
+61393437353136343931343334666636656261346265633839636631316130653861303334653864
+33653965313333303534613835396332396637623539313138383435383861366238353564613634
+61623966623864636461306138643737636135303565626439373762366438303538393566643862
+32393335343065663332363064383737316638326131386435613735633633323537326234356261
+33393661626363373334666135396236613434643731353935323430653834356233383638613561
+31313266373265316361333635333664346663336139663231303430326133636538626365306435
+36643738363835363736
diff --git a/roles/mail/defaults/main.yml b/roles/mail/defaults/main.yml
index b08e602..81997f4 100644
--- a/roles/mail/defaults/main.yml
+++ b/roles/mail/defaults/main.yml
@@ -2,3 +2,9 @@
 
 mail_postsrsd_secret: "{{ vault_mail_postsrsd_secret }}"
 mail_srs_domain: "srs.{{ mail_domain }}"
+
+mailman3_site_owner: "mailman3@binary-kitchen.de"
+mailman3_dbname: "mailman3"
+mailman3_dbuser: "mailman3"
+mailman3_dbpass: "{{ vault_mail_mailman3_dbpass }}"
+mailman3_restadminpass: "{{ vault_mail_mailman3_restadminpass }}"
diff --git a/roles/mail/handlers/main.yml b/roles/mail/handlers/main.yml
index e9356ff..055848d 100644
--- a/roles/mail/handlers/main.yml
+++ b/roles/mail/handlers/main.yml
@@ -17,6 +17,9 @@
 - name: Restart rspamd
   service: name=rspamd state=restarted
 
+- name: Restart mailman3
+  service: name=mailman3 state=restarted
+
 - name: Run acertmgr
   command: /opt/acertmgr/acertmgr.py
 
diff --git a/roles/mail/tasks/main.yml b/roles/mail/tasks/main.yml
index b721b5f..5589724 100644
--- a/roles/mail/tasks/main.yml
+++ b/roles/mail/tasks/main.yml
@@ -19,6 +19,8 @@
   - fcgiwrap
   - mailman
   - mailman3-full
+  - python-psycopg2
+  - python3-psycopg2
   - postgresql
   - postfix
   - redis-server
@@ -125,6 +127,20 @@
   file: path=/etc/nginx/ssl/{{ mailman_domain }}.key owner=root mode=0400
   notify: Restart nginx
 
+- name: Configure PostgreSQL database
+  postgresql_db: name={{ mailman3_dbname }}
+  become: true
+  become_user: postgres
+
+- name: Configure PostgreSQL user
+  postgresql_user: db={{ mailman3_dbname }} name={{ mailman3_dbuser }} password={{ mailman3_dbpass }} priv=ALL state=present
+  become: true
+  become_user: postgres
+
+- name: Configure mailman3
+  template: src=mailman/mailman.cfg.j2 dest=/etc/mailman3/mailman.cfg
+  notify: Restart mailman3
+
 - name: Create postfix ssl directory
   file: path=/etc/postfix/ssl state=directory mode=0750 owner=postfix group=postfix
 
@@ -186,3 +202,6 @@
 
 - name: Start rspamd
   service: name=rspamd state=started enabled=yes
+
+- name: Start mailman3
+  service: name=mailman3 state=started enabled=yes
diff --git a/roles/mail/templates/mailman/mailman.cfg.j2 b/roles/mail/templates/mailman/mailman.cfg.j2
new file mode 100644
index 0000000..39e864d
--- /dev/null
+++ b/roles/mail/templates/mailman/mailman.cfg.j2
@@ -0,0 +1,68 @@
+[mailman]
+site_owner: {{ mailman3_site_owner }}
+noreply_address: noreply
+default_language: en
+sender_headers: from from_ reply-to sender
+email_commands_max_lines: 10
+pending_request_life: 3d
+cache_life: 7d
+pre_hook:
+post_hook:
+layout: debian
+filtered_messages_are_preservable: no
+html_to_plain_text_command: /usr/bin/lynx -dump $filename
+listname_chars: [-_.0-9a-z]
+
+[shell]
+prompt: >>>
+banner: Welcome to the GNU Mailman shell
+use_ipython: no
+history_file:
+
+[paths.debian]
+var_dir: /var/lib/mailman3
+queue_dir: $var_dir/queue
+bin_dir: /usr/lib/mailman3/bin
+list_data_dir: $var_dir/lists
+log_dir: /var/log/mailman3
+lock_dir: $var_dir/locks
+data_dir: $var_dir/data
+cache_dir: $var_dir/cache
+etc_dir: /etc/mailman3
+ext_dir: $var_dir/ext
+messages_dir: $var_dir/messages
+archive_dir: $var_dir/archives
+template_dir: $var_dir/templates
+pid_file: /run/mailman3/master.pid
+lock_file: $lock_dir/master.lck
+
+[database]
+class: mailman.database.postgresql.PostgreSQLDatabase
+url: postgres://{{ mailman3_dbuser }}:{{ mailman3_dbpass }}@localhost/{{ mailman3_dbname }}
+debug: no
+
+[logging.debian]
+format: %(asctime)s (%(process)d) %(message)s
+datefmt: %b %d %H:%M:%S %Y
+propagate: no
+level: info
+path: mailman.log
+[webservice]
+hostname: localhost
+port: 8001
+use_https: no
+show_tracebacks: yes
+api_version: 3.1
+admin_user: restadmin
+admin_pass: {{ mailman3_restadminpass }}
+
+[mta]
+incoming: mailman.mta.postfix.LMTP
+outgoing: mailman.mta.deliver.deliver
+smtp_host: localhost
+smtp_port: 25
+smtp_user:
+smtp_pass:
+lmtp_host: 127.0.0.1
+lmtp_port: 8024
+configuration: python:mailman.config.postfix