diff --git a/group_vars/nms.yml b/group_vars/nms.yml
index c197c59..33851b3 100644
--- a/group_vars/nms.yml
+++ b/group_vars/nms.yml
@@ -12,6 +12,7 @@ network_vip_interfaces:
 
 firewall_in:
   - {proto: tcp, port: 22, from: [172.20.20.0/22]}
+  - {proto: tcp, port: 25, from: [172.20.25.0/24]}
   - {proto: udp, port: 69, from: [172.20.25.0/24]}
   - {proto: udp, port: 123, from: [172.20.25.0/24]}
   - {proto: udp, port: 514, from: [172.20.25.0/24]}
diff --git a/playbooks/nms.yml b/playbooks/nms.yml
index 4e68d6f..a73d587 100644
--- a/playbooks/nms.yml
+++ b/playbooks/nms.yml
@@ -30,6 +30,11 @@
     - import_role:
         name: rsyslog
         tasks_from: udp-listen
+    - import_role:
+        name: postfix
+        tasks_from: relay
+      vars:
+        relay_domains: [foo.sh]
 
     # convert this to role for restart support
     - name: enable ntp server for oob network