diff --git a/.yamllint b/.yamllint
new file mode 100644
index 0000000000000000000000000000000000000000..cca80e2e16c9ee5298e8a5bcf9f77c130fdc3d8e
--- /dev/null
+++ b/.yamllint
@@ -0,0 +1,19 @@
+---
+
+extends: default
+
+rules:
+  comments-indentation:
+    level: warning
+  document-start:
+    level: error
+  empty-lines:
+    max: 1
+  empty-values:
+    forbid-in-flow-mappings: true
+    forbid-in-block-mappings: true
+  line-length:
+    level: warning
+  octal-values:
+    forbid-implicit-octal: true
+    level: warning
diff --git a/dovecot/defaults/main.yml b/dovecot/defaults/main.yml
index 69f0c0ae1953dfcf2c62d606d29fa4b9698c5dc3..a6371128fded0c70bc0d13c6792c5b54398ef93d 100644
--- a/dovecot/defaults/main.yml
+++ b/dovecot/defaults/main.yml
@@ -6,8 +6,8 @@ dovecot_mail_location: "maildir:~/mail:LAYOUT=fs"
 dovecot_maildir_separator: /
 dovecot_deny_users: []
 dovecot_users_group: users
-dovecot_auth_virtual: no
-dovecot_auth_system: yes
+dovecot_auth_virtual: false
+dovecot_auth_system: true
 dovecot_min_uid: 500
 dovecot_max_uid: 0
 
@@ -18,13 +18,14 @@ dovecot_tls_ciphers: "{{ tls_ciphers }}"
 dovecot_tls_dh_length: 4096
 dovecot_tls_protocols: 'TLSv1.1 TLSv1.2 !SSLv3'
 
-dovecot_dsync: no
-dovecot_dsync_tls: no
+dovecot_dsync: false
+dovecot_dsync_tls: false
 dovecot_dsync_group: dovecot
 dovecot_dsync_address: '0.0.0.0'
+# yamllint disable-line rule:line-length
 dovecot_dsync_password: "{{ lookup('passwordstore', dovecot_dsync_passwordstore ~ ' create=true length=20') }}"
 dovecot_dsync_passwordstore: dsync
 dovecot_dsync_host_attribute: ansible_host
 
-dovecot_content_filter: no
+dovecot_content_filter: false
 dovecot_spam_folder: Spam
diff --git a/dovecot/tasks/main.yml b/dovecot/tasks/main.yml
index c671fccdf07f5f153e0b6e18b0c9a0930736160e..6182ae10d17c5d754bc94f3d8dfb3ea40b68f753 100644
--- a/dovecot/tasks/main.yml
+++ b/dovecot/tasks/main.yml
@@ -9,7 +9,7 @@
       - dovecot-managesieved
       - dovecot-sieve
     state: present
-  tags: 
+  tags:
     - dovecot
     - mail
 
@@ -42,7 +42,7 @@
     state: directory
     owner: dovecot
     group: "{{ dovecot_users_group }}"
-    mode: 0755
+    mode: '0755'
   tags:
     - dovecot
     - mail
@@ -51,7 +51,7 @@
   template:
     src: "sieve/{{ item }}.j2"
     dest: "/var/lib/dovecot/sieve.d/{{ item }}"
-    mode: 0550
+    mode: '0550'
     owner: dovecot
     group: "{{ dovecot_users_group }}"
   with_items:
@@ -70,7 +70,7 @@
   copy:
     src: "{{ item }}"
     dest: "/var/lib/dovecot/sieve.d/{{ item }}"
-    mode: 0750
+    mode: '0750'
     owner: dovecot
     group: "{{ dovecot_users_group }}"
   with_items:
@@ -97,8 +97,7 @@
   service:
     name: dovecot
     state: started
-    enabled: yes
+    enabled: true
   tags:
     - dovecot
     - mail
-
diff --git a/postfix/defaults/main.yml b/postfix/defaults/main.yml
index 111ed787f4d13b8e02862d15b8bdac93bd546f51..416ef41d6a4d36aed31cb748e63855d3c08d89cb 100644
--- a/postfix/defaults/main.yml
+++ b/postfix/defaults/main.yml
@@ -9,8 +9,8 @@ postfix_tls_key: /etc/ssl/private/privkey.pem
 postfix_tls_ciphers: "{{ tls_ciphers }}"
 postfix_tls_protocols: '!SSLv2 !SSLv3'
 
-postfix_prefer_lmtp: no
-postfix_enable_memcached: no
+postfix_prefer_lmtp: false
+postfix_enable_memcached: false
 postfix_login_suffix: ''
 postfix_dnsbl_sites:
   - name: zen.spamhaus.org
@@ -21,6 +21,6 @@ postfix_dnsbl_sites:
   - name: list.dnswl.org
     modifier: -5
 postfix_network_access:
-  - cidr: 134.130.5.32/27 # rwth
+  - cidr: 134.130.5.32/27  # rwth
     action: permit
-postfix_content_filter: no # or: spamassassin
+postfix_content_filter: false  # or: spamassassin
diff --git a/postfix/handlers/main.yml b/postfix/handlers/main.yml
index 0c29612f2b054f8c8a4255c86d083625a7867da6..5c07705da52914e739b688edfe443efd307f45b9 100644
--- a/postfix/handlers/main.yml
+++ b/postfix/handlers/main.yml
@@ -11,4 +11,3 @@
 
 - name: postmap virtual
   command: postmap cdb:/etc/postfix/virtual
-
diff --git a/postfix/tasks/main.yml b/postfix/tasks/main.yml
index 29105b6b2798d3334c2d025b89770c803e3ee2b8..089e0dd0f079b7ac2817b60af2e65d211ce4880d 100644
--- a/postfix/tasks/main.yml
+++ b/postfix/tasks/main.yml
@@ -7,7 +7,7 @@
       - postfix-pcre
       - postfix-cdb
     state: present
-  tags: 
+  tags:
     - postfix
     - mail
 
@@ -29,7 +29,7 @@
     - master.cf
     - main.cf
     - postscreen_access.cidr
-  notify: 
+  notify:
     - restart postfix
   tags:
     - postfix
@@ -56,7 +56,7 @@
   tags:
     - postfix
     - mail
-    
+
 - name: ensure system alias database is present
   template:
     src: aliases.j2
diff --git a/prosody/defaults/main.yml b/prosody/defaults/main.yml
index 42019735e7a47cb5065c073106320b314f0c2f20..12d80f0125fdebc00b62294987cd959803aa00ec 100644
--- a/prosody/defaults/main.yml
+++ b/prosody/defaults/main.yml
@@ -1,13 +1,14 @@
 ---
 
+# yamllint disable rule:line-length rule:colons
 prosody_modules:
-  - name:        "posix" 
+  - name:        "posix"
     description: "POSIX functionality, sends server to background, enables syslog, etc."
   - name:        "blocking"
     description: "For XEP-0191 Simple Communications Blocking."
   - name:        "csi"
     description: "For XEP-0352 Client State Indication"
-  - name:        "throttle_presence" 
+  - name:        "throttle_presence"
     description: "Supress presence updates if CSI is enabled"
   - name:        "filter_chatstates"
     description: "Supress chatstate updates (someone is typing...) if CSI is enabled"
@@ -23,6 +24,7 @@ prosody_modules:
     description: "Private XML storage (for room bookmarks, etc.)"
   - name:        "vcard"
     description: "Allow users to set vCards"
+# yamllint enable rule:line-length rule:colons
 
 prosody_config_files:
   - prosody
@@ -30,5 +32,3 @@ prosody_config_files:
 
 prosody_user: prosody
 prosody_db: prosody
-
-
diff --git a/prosody/tasks/main.yml b/prosody/tasks/main.yml
index a6110a90ac0d9c489a1c6ba0b0aa92d07b345566..45deeb2f5c77f1a155cd2194228c131bdb0cf0e0 100644
--- a/prosody/tasks/main.yml
+++ b/prosody/tasks/main.yml
@@ -49,7 +49,7 @@
   service:
     name: prosody
     state: started
-    enabled: yes
+    enabled: true
   tags:
     - prosody
 
diff --git a/prosody/tasks/postgres.yml b/prosody/tasks/postgres.yml
index 2a852c44afc3b2f89652e8c61d79d1fecd1ecad9..7f1c4f52dd32daf8a72e7751f1aea858ed63c934 100644
--- a/prosody/tasks/postgres.yml
+++ b/prosody/tasks/postgres.yml
@@ -4,17 +4,17 @@
   postgresql_user:
     name: "{{ db_user }}"
     state: present
-  become: yes
+  become: true
   become_user: postgres
   tags:
     - postgres
-    
+
 - name: ensure we have a postgres database
   postgresql_db:
     name: "{{ db_name }}"
     owner: "{{ db_user }}"
     state: present
-  become: yes
+  become: true
   become_user: postgres
   tags:
     - postgres
@@ -26,7 +26,7 @@
     privs: ALL
     state: present
     type: database
-  become: yes
+  become: true
   become_user: postgres
   tags:
     - postgres
diff --git a/spamassassin/defaults/main.yml b/spamassassin/defaults/main.yml
index b994f66ac0dc881d5271498dcfa4b4ad494c8c4b..7be2c339285147c44c4a1557ca28a6871d03827d 100644
--- a/spamassassin/defaults/main.yml
+++ b/spamassassin/defaults/main.yml
@@ -1,4 +1,4 @@
 ---
 
-spamassassin_rewrite_subject: no
+spamassassin_rewrite_subject: false
 spamassassin_required_score: '3.0'
diff --git a/spamassassin/tasks/main.yml b/spamassassin/tasks/main.yml
index 22be411ef04927807de8cd9e144d4036f3ec3675..5062acd25fd0590a88a2b5b70e8ed739a5453210 100644
--- a/spamassassin/tasks/main.yml
+++ b/spamassassin/tasks/main.yml
@@ -16,7 +16,7 @@
     dest: /etc/spamassassin/local.cf
     owner: root
     group: root
-    mode: 0644
+    mode: '0644'
   tags:
     - mail
     - spamassassin
@@ -27,7 +27,7 @@
     dest: /etc/default/spamassassin
     owner: root
     group: root
-    mode: 0644
+    mode: '0644'
   tags:
     - mail
     - spamassassin
@@ -36,7 +36,7 @@
   service:
     name: spamassassin
     state: started
-    enabled: yes
+    enabled: true
   tags:
     - mail
     - spamassassin