diff --git a/site-cookbooks/kosmos-postfix/recipes/default.rb b/site-cookbooks/kosmos-postfix/recipes/default.rb
index 53e0837..f201280 100644
--- a/site-cookbooks/kosmos-postfix/recipes/default.rb
+++ b/site-cookbooks/kosmos-postfix/recipes/default.rb
@@ -10,13 +10,11 @@ return if node.run_list.roles.include?("email_server")
 
 smtp_credentials = Chef::EncryptedDataBagItem.load('credentials', 'smtp')
 
-node.default['postfix']['sasl']['smtp_sasl_user_name']        = smtp_credentials['user_name']
-node.default['postfix']['sasl']['smtp_sasl_passwd']           = smtp_credentials['password']
-node.default['postfix']['sasl_password_file']                 = "#{node['postfix']['conf_dir']}/sasl_passwd"
-# Postfix doesn't support smtps relayhost, use STARTSSL instead
-node.default['postfix']['main']['relayhost']                  = smtp_credentials['relayhost']
-node.default['postfix']['main']['smtp_sasl_auth_enable']      = 'yes'
-node.default['postfix']['main']['smtp_sasl_password_maps']    = "hash:#{node['postfix']['sasl_password_file']}"
-node.default['postfix']['main']['smtp_sasl_security_options'] = 'noanonymous'
+node.default["postfix"]["sasl"] = {
+  smtp_credentials["relayhost"] => {
+    "username" => smtp_credentials["user_name"],
+    "password" => smtp_credentials["password"]
+  }
+}
 
 include_recipe 'postfix::default'