diff --git a/postfix/handlers/main.yml b/postfix/handlers/main.yml
index e2fa640b4e628462e2a419e1d6b56bec466221b4..0c29612f2b054f8c8a4255c86d083625a7867da6 100644
--- a/postfix/handlers/main.yml
+++ b/postfix/handlers/main.yml
@@ -3,6 +3,9 @@
 - name: restart postfix
   service: name=postfix state=restarted
 
+- name: restart memcached
+  service: name=memcached state=restarted
+
 - name: postmap system
   command: postalias cdb:/etc/aliases
 
diff --git a/postfix/tasks/main.yml b/postfix/tasks/main.yml
index b50ddd8c75c75dfe6b0b4d93ccbf354fccc791e1..84b5888151b525210047dfed2be0b7583158ee18 100644
--- a/postfix/tasks/main.yml
+++ b/postfix/tasks/main.yml
@@ -34,6 +34,14 @@
   tags:
     - postfix
     - mail
+
+- name: ensure memcached config is present
+  template: src=templates/memcached.conf dest=/etc/memcached.conf
+  notify:
+    - restart memcached
+  tags:
+    - postfix
+    - mail
     
 - name: ensure system alias database is present
   template: src=templates/aliases.j2 dest=/etc/aliases
diff --git a/postfix/templates/memcached.conf.j2 b/postfix/templates/memcached.conf.j2
new file mode 100644
index 0000000000000000000000000000000000000000..c1d6ac1f4dfad1933fc08f1e2149eb50204cd384
--- /dev/null
+++ b/postfix/templates/memcached.conf.j2
@@ -0,0 +1,47 @@
+# memcached default config file
+# 2003 - Jay Bonci <jaybonci@debian.org>
+# This configuration file is read by the start-memcached script provided as
+# part of the Debian GNU/Linux distribution.
+
+# Run memcached as a daemon. This command is implied, and is not needed for the
+# daemon to run. See the README.Debian that comes with this package for more
+# information.
+-d
+
+# Log memcached's output to /var/log/memcached
+logfile /var/log/memcached.log
+
+# Be verbose
+# -v
+
+# Be even more verbose (print client commands as well)
+# -vv
+
+# Start with a cap of 64 megs of memory. It's reasonable, and the daemon default
+# Note that the daemon will grow to this size, but does not start out holding this much
+# memory
+-m 64
+
+# Default connection port is 11211
+-p 11211
+
+# Run the daemon as root. The start-memcached will default to running as root if no
+# -u command is present in this config file
+-u memcache
+
+# Specify which IP address to listen on. The default is to listen on all IP addresses
+# This parameter is one of the only security measures that memcached has, so make sure
+# it's listening on a firewalled interface.
+-l {{ tinc_vpnip }}
+
+# Limit the number of simultaneous incoming connections. The daemon default is 1024
+# -c 1024
+
+# Lock down all paged memory. Consult with the README and homepage before you do this
+# -k
+
+# Return error when memory is exhausted (rather than removing items)
+# -M
+
+# Maximize core file limit
+# -r