diff --git a/flake.nix b/flake.nix
index 432cf3d..761a0e9 100644
--- a/flake.nix
+++ b/flake.nix
@@ -78,7 +78,7 @@
 ./system/web-server/radicale.nix
 ./system/web-server/outline.nix
 ./system/web-server/jenkins.nix
- ./system/web-server/mail.nix
+ ./system/web-server/mail
 ./system/web-server/ksh-map.nix
 ./system/web-server/fundkorb-button.nix
 ];
diff --git a/system/web-server/mail/default.nix b/system/web-server/mail/default.nix
index fe3d548..45d91b7 100644
--- a/system/web-server/mail/default.nix
+++ b/system/web-server/mail/default.nix
@@ -3,6 +3,7 @@
 {
 imports = [
 ./postfix.nix
+ ./dkim.nix
 ./dovecot.nix
 ./roundcube.nix
 ];
diff --git a/system/web-server/mail/dkim.nix b/system/web-server/mail/dkim.nix
new file mode 100644
index 0000000..32394a9
--- /dev/null
+++ b/system/web-server/mail/dkim.nix
@@ -0,0 +1,14 @@
+{ config, pkgs, ... }:
+
+{
+ services.opendkim = {
+ enable = true;
+ domains = "csl:ktiu.net,t9e.me";
+ selector = "202412";
+ settings.UMask = "007";
+ };
+
+ users.users.postfix.extraGroups = [ "opendkim" ];
+
+ services.postfix.config.smtpd_milters = [ "unix:/run/opendkim/opendkim.sock" ];
+}
diff --git a/system/web-server/mail/dovecot.nix b/system/web-server/mail/dovecot.nix
new file mode 100644
index 0000000..2b6031d
--- /dev/null
+++ b/system/web-server/mail/dovecot.nix
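Review bot: Only `smtpd_milters` is wired to OpenDKIM in dkim.nix, so mail that enters Postfix through the local sendmail/pickup path (cron output, anything calling sendmail(1) on the host) is never handed to the signer and leaves unsigned, which undermines the DKIM policy for the listed domains. If that path is in use here, add `services.postfix.config.non_smtpd_milters = [ "unix:/run/opendkim/opendkim.sock" ];` next to the existing `smtpd_milters` line. The pairing of `settings.UMask = "007"` with the `opendkim` group membership for postfix is not obvious to a later reader; a comment such as `# socket under /run/opendkim is created group-accessible (UMask 007); postfix joins the opendkim group to reach it` would explain it. The hunk does not show where the signing key comes from or that a DNS record exists for selector `202412` on both domains; presumably handled elsewhere, but worth confirming before relying on signatures.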
@@ -0,0 +1,65 @@
+{ config, pkgs, ... }:
+
+{
+ networking.firewall.allowedTCPPorts = [
+ 993 # IMAP
+ ];
+
+ security.acme.certs."${config.networking.fqdn}-dovecot" = {
+ domain = config.networking.fqdn;
+ webroot = "/var/lib/acme/.challenges";
+ group = config.services.dovecot2.group;
+ };
+
+ users.groups."vmail" = {};
+ users.users."vmail" = {
+ group = "vmail";
+ isSystemUser = true;
+ };
+
+ services.dovecot2 = {
+ enable = true;
+ sslServerKey = config.security.acme.certs."${config.networking.fqdn}-dovecot".directory + "/key.pem";
+ sslServerCert = config.security.acme.certs."${config.networking.fqdn}-dovecot".directory + "/cert.pem";
+ mailboxes = {
+ Junk = { specialUse = "Junk"; auto = "subscribe"; };
+ Sent = { specialUse = "Sent"; auto = "subscribe"; };
+ Drafts = { specialUse = "Drafts"; auto = "subscribe"; };
+ Trash = { specialUse = "Trash"; auto = "subscribe"; };
+ Archive = { specialUse = "Archive"; auto = "subscribe"; };
+ };
+ mailUser = "vmail";
+ mailGroup = "vmail";
+ enablePAM = false;
+ enableLmtp = true;
+ mailLocation = "maildir:/var/spool/mail/vmail/mailboxes/%u";
+ extraConfig = ''
+ ssl = required
+ service auth {
+ unix_listener auth {
+ mode = 0660
+ user = postfix
+ group = postfix
+ }
+ }
+ mail_home = /var/spool/mail/vmail/users/%u
+ passdb {
+ driver = passwd-file
+ args = /var/custom-access/dovecot.passwd
+ }
+ userdb {
+ driver = passwd-file
+ args = /var/custom-access/dovecot.passwd
+ default_fields = uid=vmail gid=vmail home=/var/spool/mail/vmail/users/%u
+ }
+ service lmtp {
+ unix_listener lmtp {
+ group = postfix
+ mode = 0600
+ user = postfix
+ }
+ }
+ '';
+ };
+
+}
diff --git a/system/web-server/mail.nix b/system/web-server/mail/postfix.nix
similarity index 51%
rename from system/web-server/mail.nix
rename to system/web-server/mail/postfix.nix
index 51f82b7..a00fba8 100644
--- a/system/web-server/mail.nix
+++ b/system/web-server/mail/postfix.nix
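Review bot: The `security.acme.certs."${config.networking.fqdn}-dovecot"` block in dovecot.nix has no `reloadServices`, so as far as this hunk shows dovecot2 keeps the certificate it loaded at start-up after each renewal and will eventually present an expired one on port 993 until something else restarts it. Add `reloadServices = [ "dovecot2.service" ];` to that block unless the reload is configured elsewhere; the `-postfix` certificate in postfix.nix looks like it has the same gap. `mail_home = /var/spool/mail/vmail/users/%u` is the one setting that was not in the old mail.nix, so a one-line comment stating why it was introduced would help the next reader separate the move from the change. The hunk also relies on `/var/custom-access/dovecot.passwd` for both passdb and userdb without showing how it is provisioned or what permissions it has; since it holds credential hashes, a comment naming the expected owner/mode would be useful.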
@@ -14,19 +14,10 @@ let
 in {
 networking.firewall.allowedTCPPorts = [
- 993 # IMAP
 25 # SMTP
 587 # SMTP w/ TLS
 ];
- services.opendkim = {
- enable = true;
- domains = "csl:ktiu.net,t9e.me";
- selector = "202412";
- settings.UMask = "007";
- };
- users.users.postfix.extraGroups = [ "opendkim" ];
-
 security.acme.certs."${config.networking.fqdn}-postfix" = {
 domain = config.networking.fqdn;
 webroot = "/var/lib/acme/.challenges";
@@ -52,7 +43,6 @@ in {
 virtual_mailbox_maps = "hash:/etc/postfix/virtual-mailboxes";
 virtual_transport = "lmtp:unix:/var/run/dovecot2/lmtp";
 smtpd_tls_security_level = "may";
- smtpd_milters = [ "unix:/run/opendkim/opendkim.sock" ];
 };
 networks = [
@@ -88,75 +78,4 @@ in {
 };
 };
 };
-
- security.acme.certs."${config.networking.fqdn}-dovecot" = {
- domain = config.networking.fqdn;
- webroot = "/var/lib/acme/.challenges";
- group = config.services.dovecot2.group;
- };
-
- users.groups."vmail" = {};
- users.users."vmail" = {
- group = "vmail";
- isSystemUser = true;
- };
-
- services.dovecot2 = {
- enable = true;
- sslServerKey = config.security.acme.certs."${config.networking.fqdn}-dovecot".directory + "/key.pem";
- sslServerCert = config.security.acme.certs."${config.networking.fqdn}-dovecot".directory + "/cert.pem";
- mailboxes = {
- Junk = { specialUse = "Junk"; auto = "subscribe"; };
- Sent = { specialUse = "Sent"; auto = "subscribe"; };
- Drafts = { specialUse = "Drafts"; auto = "subscribe"; };
- Trash = { specialUse = "Trash"; auto = "subscribe"; };
- Archive = { specialUse = "Archive"; auto = "subscribe"; };
- };
- mailUser = "vmail";
- mailGroup = "vmail";
- enablePAM = false;
- enableLmtp = true;
- mailLocation = "maildir:/var/spool/mail/vmail/mailboxes/%u";
- extraConfig = ''
- ssl = required
- service auth {
- unix_listener auth {
- mode = 0660
- user = postfix
- group = postfix
- }
- }
- passdb {
- driver = passwd-file
- args = /var/custom-access/dovecot.passwd
- }
- userdb {
- driver = passwd-file
- args = /var/custom-access/dovecot.passwd
- default_fields = uid=vmail gid=vmail home=/var/spool/mail/vmail/users/%u
- }
- service lmtp {
- unix_listener lmtp {
- group = postfix
- mode = 0600
- user = postfix
- }
- }
- '';
- };
-
- services.roundcube = {
- enable = true;
- hostName = "webmail.ktiu.net";
- extraConfig = ''
- $config['smtp_host'] = 'tls://%h';
- $config['smtp_conn_options'] = [
- 'ssl' => [
- 'verify_peer' => false,
- 'verify_peer_name' => false,
- ],
- ];
- '';
- };
-
 }
diff --git a/system/web-server/mail/roundcube.nix b/system/web-server/mail/roundcube.nix
new file mode 100644
index 0000000..a8e704d
--- /dev/null
+++ b/system/web-server/mail/roundcube.nix
@@ -0,0 +1,17 @@
+{ config, pkgs, ... }:
+
+{
+ services.roundcube = {
+ enable = true;
+ hostName = "webmail.ktiu.net";
+ extraConfig = ''
+ $config['smtp_host'] = 'tls://%h';
+ $config['smtp_conn_options'] = [
+ 'ssl' => [
+ 'verify_peer' => false,
+ 'verify_peer_name' => false,
+ ],
+ ];
+ '';
+ };
+}
diff --git a/system/web-server/outline.nix b/system/web-server/outline.nix
index 80e2635..7a2b699 100644
--- a/system/web-server/outline.nix
+++ b/system/web-server/outline.nix
@@ -18,16 +18,15 @@ in {
 enable = true;
 publicUrl = "https://${outline.hostname}";
 storage.storageType = "local";
+ defaultLanguage = "de_DE";
 smtp = {
 username = "outline";
- passwordFile = "/var/custom-access/outline-smtp-password.txt";
+ passwordFile = "/dev/null";
 fromEmail = outline.mail;
- replyEmail = outline.mail;
- # host = "arielle.ktiu.net";
+ replyEmail = config.services.outline.smtp.fromEmail;
 host = "localhost";
 secure = false;
- # port = 587;
 port = 25;
 };
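Review bot: The `smtp_conn_options` block in roundcube.nix sets both `verify_peer` and `verify_peer_name` to false, so Roundcube's STARTTLS session to Postfix accepts any certificate; this is carried over unchanged from the old mail.nix, but now that it stands alone in its own file it should either be fixed or explained. The most likely reason verification was disabled is that `%h` expands to the webmail host name (`webmail.ktiu.net`) while the Postfix certificate visible in postfix.nix is issued for `config.networking.fqdn`. Pointing Roundcube at the name on that certificate, `$config['smtp_host'] = 'tls://${config.networking.fqdn}';`, should let the default verification pass so the two `verify_*` overrides can be dropped. If the overrides have to stay, add a comment above them such as `# TODO: TLS verification disabled because the Postfix cert name does not match %h` so the weakening is deliberate and findable.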