diff --git a/defaults/main.yml b/defaults/main.yml
index fc900c9..c0b7034 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -107,11 +107,16 @@ dovecot_submission_hostname: "{{ dovecot_container }}.{{ docker_network }}"
 dovecot_submission_relay_host: postfix
 dovecot_submission_relay_port: 587
 dovecot_submission_relay_trusted: yes
-# FIXME: add ssl/tls support
-dovecot_submission_relay_ssl: yes
+
+dovecot_submission_relay_ssl: starttls # ssmtp, starttls, no
 dovecot_submission_relay_ssl_verify: no
 dovecot_submission_relay_user: "%u"
 dovecot_submission_relay_password: "%w"
+dovecot_submission_relay_master_user: ""
+dovecot_submission_relay_rawlog_dir: ""
+
+# ca certs
+ssl_client_ca_dir: /etc/ssl/certs
 
 # antispam
 dovecot_antispam_enable: yes
diff --git a/tasks/main.yml b/tasks/main.yml
index d15cc20..32003ee 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -27,11 +27,11 @@
       SUBMISSION_RELAY_PORT: "{{ dovecot_submission_relay_port | string }}"
       SUBMISSION_RELAY_TRUSTED: "{{ 'yes' if dovecot_submission_relay_trusted else 'no' }}"
       SUBMISSION_RELAY_SSL_VERIFY: "{{ 'yes' if dovecot_submission_relay_ssl_verify else 'no' }}"
-      SUBMISSION_RELAY_SSL: "{{ 'yes' if dovecot_submission_relay_ssl else 'no' }}"
+      SUBMISSION_RELAY_SSL: "{{ dovecot_submission_relay_ssl }}"
       SUBMISSION_RELAY_USER: "{{ dovecot_submission_relay_user }}"
-      # SUBMISSION_RELAY_MASTER_USER:
       SUBMISSION_RELAY_PASSWORD: "{{ dovecot_submission_relay_password }}"
-      # SUBMISSION_RELAY_RAWLOG_DIR:
+      SUBMISSION_RELAY_MASTER_USER: "{{ dovecot_submission_relay_master_user }}"
+      SUBMISSION_RELAY_RAWLOG_DIR: "{{ dovecot_submission_relay_rawlog_dir }}"
       LDAP_ENABLE: "{{ 'yes' if dovecot_ldap_enable else '' }}"
       LDAP_HOSTS: "{{ dovecot_ldap_hosts | join(' ') }}"
       LDAP_URIS: "{{ dovecot_ldap_uris | join(' ') }}"
@@ -47,6 +47,7 @@
       LDAP_ITERATE_FILTER: "{{ dovecot_ldap_iterate_filter }}"
       LDAP_DEFAULT_PASS_SCHEME: "{{ dovecot_ldap_default_pass_scheme }}"
       ANTISPAM_ENABLE: "{{ 'yes' if dovecot_antispam_enable else '' }}"
+      SSL_CLIENT_CA_DIR: "{{ ssl_client_ca_dir }}"
   register: container
 
 - name: Exportar informacion de container