diff --git a/defaults/main.yml b/defaults/main.yml
index c8d9a89..d85c4b1 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,3 +1,9 @@
 ---
 # should we do a version check? (recomended)
 submodules_versioncheck: false
+
+# rspamd config
+rspamd__config_path: '/etc/rspamd/local.d/'
+rspamd__admin_password: 'ChangeMePl3ase'
+rspamd__redis_server: '127.0.0.1'
+rspamd__multimap_conf_file: 'templates/multimap.conf.j2'
diff --git a/files/classifier-bayes.conf b/files/classifier-bayes.conf
new file mode 100644
index 0000000..d83f163
--- /dev/null
+++ b/files/classifier-bayes.conf
@@ -0,0 +1 @@
+autolearn = true;
diff --git a/files/logging.inc b/files/logging.inc
new file mode 100644
index 0000000..3152503
--- /dev/null
+++ b/files/logging.inc
@@ -0,0 +1,2 @@
+type = "syslog";
+level = "warning";
diff --git a/files/milter_headers.conf b/files/milter_headers.conf
new file mode 100644
index 0000000..73bc830
--- /dev/null
+++ b/files/milter_headers.conf
@@ -0,0 +1,2 @@
+use = ["x-spamd-bar", "x-spam-level", "authentication-results"];
+authenticated_headers = ["authentication-results"];
diff --git a/files/multimap.conf b/files/multimap.conf
new file mode 100644
index 0000000..c0f51c2
--- /dev/null
+++ b/files/multimap.conf
@@ -0,0 +1,27 @@
+WHITELIST_IP {
+ type = "ip";
+ map = "$CONFDIR/local.d/whitelist_ip.map";
+ description = "Local ip whitelist";
+ action = "accept";
+}
+
+WHITELIST_FROM {
+ type = "from";
+ map = "$CONFDIR/local.d/whitelist_from.map";
+ description = "Local from whitelist";
+ action = "accept";
+}
+
+BLACKLIST_IP {
+ type = "ip";
+ map = "$CONFDIR/local.d/blacklist_ip.map";
+ description = "Local ip blacklist";
+ action = "reject";
+}
+
+BLACKLIST_FROM {
+ type = "from";
+ map = "$CONFDIR/local.d/blacklist_from.map";
+ description = "Local from blacklist";
+ action = "reject";
+}
diff --git a/tasks/configure.yml b/tasks/configure.yml
new file mode 100644
index 0000000..c4e1896
--- /dev/null
+++ b/tasks/configure.yml
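Review bot: `rspamd__admin_password: 'ChangeMePl3ase'` in defaults/main.yml gives every host that does not override the variable the same controller password, and that value is readable by anyone who can see the role. The hashing step in vars/main.yml does not change this, because the plaintext is in the repository. I would ship no usable default and fail early: `rspamd__admin_password: ''` here, plus a first task in configure.yml using `ansible.builtin.assert` with `that: rspamd__admin_password | length > 0`. A comment above the variable should say that the real value belongs in Ansible Vault.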
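Review bot: `WHITELIST_FROM` in files/multimap.conf pairs `type = "from"` with `action = "accept"`, so a match on the sender address alone decides the message, and that address is supplied by the remote party. As far as I read the multimap prefilter behaviour (worth confirming against the rspamd version in use), any mail that claims an address listed in whitelist_from.map would skip the remaining checks. I would drop `action` from that rule and give it a negative `score` instead, or tie the whitelist to SPF/DKIM results. A comment above the rule should state that the map may only hold senders that are authenticated by another check. `BLACKLIST_FROM` keys on the same forgeable field, but a forged match there only causes a rejection.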
@@ -0,0 +1,49 @@
+---
+- name: Einstellung des Worker controllers
+ become: true
+ ansible.builtin.template:
+ src: templates/worker-controller.inc.j2
+ dest: "{{ rspamd__config_path }}worker-controller.inc"
+ mode: '0640'
+
+- name: Einstellung des logging
+ become: true
+ ansible.builtin.copy:
+ src: files/logging.inc
+ dest: "{{ rspamd__config_path }}logging.inc"
+ mode: '0640'
+
+- name: milter_headers.conf
+ become: true
+ ansible.builtin.copy:
+ src: files/milter_headers.conf
+ dest: "{{ rspamd__config_path }}milter_headers.conf"
+ mode: '0640'
+
+- name: milter_headers.conf
+ become: true
+ ansible.builtin.copy:
+ src: files/classifier-bayes.conf
+ dest: "{{ rspamd__config_path }}classifier-bayes.conf"
+ mode: '0640'
+
+- name: Einstellug der redis.conf
+ become: true
+ ansible.builtin.template:
+ src: templates/redis.conf.j2
+ dest: "{{ rspamd__config_path }}redis.conf"
+ mode: '0640'
+
+- name: classifier-bayes.conf
+ become: true
+ ansible.builtin.copy:
+ src: files/classifier-bayes.conf
+ dest: "{{ rspamd__config_path }}classifier-bayes.conf"
+ mode: '0640'
+
+- name: Einstellug der eignene black/whitelist
+ become: true
+ ansible.builtin.copy:
+ src: "{{ rspamd__multimap_conf_file }}"
+ dest: "{{ rspamd__config_path }}multimap.conf"
+ mode: '0640'
diff --git a/tasks/main.yml b/tasks/main.yml
index f4aeb63..abe162c 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -5,3 +5,6 @@
 - name: add apt repos and install rspamd
 include_tasks: packages.yml
 when: ansible_os_family == 'Debian'
+
+- name: configure rspamd
+ include_tasks: configure.yml
diff --git a/templates/redis.conf.j2 b/templates/redis.conf.j2
new file mode 100644
index 0000000..1a24ac3
--- /dev/null
+++ b/templates/redis.conf.j2
@@ -0,0 +1 @@
+servers = "{{ rspamd__redis_server }}"
diff --git a/templates/worker-controller.inc.j2 b/templates/worker-controller.inc.j2
new file mode 100644
index 0000000..32d97f3
--- /dev/null
+++ b/templates/worker-controller.inc.j2
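Review bot: The first task in tasks/configure.yml writes the controller password hash to worker-controller.inc with `mode: '0640'` but sets neither `owner`/`group` nor `no_log`, so who can read the file is left to the become user's defaults and the rendered hash appears in `--diff` output. I would set `owner: root` and an explicit `group:` for the rspamd service account (its name is not visible in this diff) and add `no_log: true` to that task. The second task named `milter_headers.conf` copies files/classifier-bayes.conf and duplicates the later `classifier-bayes.conf` task, so it should be removed. The last task uses `ansible.builtin.copy`, while the default `rspamd__multimap_conf_file` points at templates/multimap.conf.j2, a path this commit does not add (it adds files/multimap.conf), so the default likely fails or copies an unrendered template. None of the tasks has a `notify`, so rspamd is presumably not reloaded after a change unless a handler exists outside this diff.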
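Review bot: The new `include_tasks: configure.yml` in tasks/main.yml has no condition, while the package include directly above it is limited by `when: ansible_os_family == 'Debian'`. On any other OS family the configure tasks would run without the package step, and the copy and template tasks would most likely fail because `/etc/rspamd/local.d/` is not created anywhere in this diff. I would add the same `when: ansible_os_family == 'Debian'` to the include, or have configure.yml create the directory first. The task list begins above the visible context of this hunk.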
@@ -0,0 +1 @@
+password = "{{ _rspamd__admin_password }}"
diff --git a/vars/main.yml b/vars/main.yml
index f45db43..b450c63 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -1,4 +1,6 @@
 ---
 # versionscheck
-playbook_version_number: 02 # should be a integer
+playbook_version_number: 3 # should be a integer
 playbook_version_path: 'do1jlr.rspamd.version'
+
+_rspamd__admin_password: "{{ rspamd__admin_password | password_hash('bcrypt') }}"
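Review bot: `password_hash('bcrypt')` in vars/main.yml is called without a `salt`, so a new salt is generated on every run and the worker-controller.inc task will report `changed` each time even when the password has not changed. I also cannot confirm from this diff that rspamd accepts a bcrypt string as a hashed controller password. Its documented hashed format is the output of `rspamadm pw`, and a value it does not recognise as a hash may be compared as a literal password, so this should be tested before it is relied on. A safer shape is to have the user supply the already hashed value from `rspamadm pw`, kept in Vault, and template it directly, which is also idempotent.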