diff --git a/applications/email.nix b/applications/email.nix
index 8623613..017297d 100644
--- a/applications/email.nix
+++ b/applications/email.nix
@@ -110,6 +110,15 @@
       {record=cfg.host.ip; r_type="PTR"; value="${cfg.sub}.${cfg.domain}.";}
     ];
 
+    # to provide the certs
+    services.nginx.virtualHosts = {
+      "${cfg.sub}.${cfg.domain}" = {
+        forceSSL    = true;
+        useACMEHost = "skynet";
+        serverName  = "${cfg.sub}.${cfg.domain}";
+      };
+    };
+
     mailserver = {
       enable = true;
       fqdn = "${cfg.sub}.${cfg.domain}";
@@ -117,6 +126,9 @@
         cfg.domain
       ];
 
+      # use the letsencrypt certs
+      certificateScheme = "acme";
+
       # 20MB max size
       messageSizeLimit = 20000000;