diff --git a/flake.nix b/flake.nix
index 3544791..9ae386b 100644
--- a/flake.nix
+++ b/flake.nix
@@ -39,7 +39,7 @@
             ./modules/gnupg.nix
             ./modules/graphical.nix
             ./modules/hw-accel-intel.nix
-            ./modules/mail.nix
+            ./modules/mail
             ./modules/radio.nix
             ./modules/science.nix
             ./modules/tlp.nix
diff --git a/modules/mail.nix b/modules/mail.nix
deleted file mode 100644
index f3aa5bf..0000000
--- a/modules/mail.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ pkgs, ... }: {
-  environment.systemPackages = with pkgs; [
-    isync
-    msmtp
-    neomutt
-    notmuch
-    pass
-    w3m
-  ];
-
-  programs.msmtp.enable = true;
-}
diff --git a/modules/mail/default.nix b/modules/mail/default.nix
new file mode 100644
index 0000000..55e58c7
--- /dev/null
+++ b/modules/mail/default.nix
@@ -0,0 +1,88 @@
+{ config, pkgs, ... }:
+let
+  mbsyncConf = ./mbsyncrc;
+in
+{
+  environment.systemPackages = with pkgs; [
+    isync
+    msmtp
+    neomutt
+    notmuch
+    pass
+    w3m
+  ];
+
+  sops.secrets = {
+    "mail/oxapentane.com" = {
+      owner = config.users.users.grue.name;
+    };
+    "mail/shipunov.xyz" = {
+      owner = config.users.users.grue.name;
+    };
+    "mail/dvb.solutions" = {
+      owner = config.users.users.grue.name;
+    };
+  };
+
+  programs.msmtp = {
+    enable = true;
+    setSendmail = true;
+    defaults = {
+        tls_trust_file = "/etc/ssl/certs/ca-certificates.crt";
+        logfile = "/tmp/msmtp.log";
+    };
+    accounts = {
+      "mail@oxapentane.com" = {
+        host = "smtp.migadu.com";
+        port = 578;
+        from = "*@oxapentane.com";
+        user = "mail@oxapentane.com";
+        passwordeval = "cat ${config.sops.secrets."mail/oxapentane.com".path}";
+        auth = "on";
+        tls = "on";
+      };
+      "grigory@shipunov.xyz" = {
+        host = "smtp.migadu.com";
+        port = 578;
+        from = "*@shipunov.xyz";
+        user = "mail@oxapentane.com";
+        passwordeval = "cat ${config.sops.secrets."mail/shipunov.xyz".path}";
+        auth = "on";
+        tls = "on";
+      };
+      "dump@dvb.solutions" = {
+        host = "smtp.migadu.com";
+        port = 578;
+        from = "dump@dvb.solutions";
+        user = "dump@dvb.solutions";
+        passwordeval = "cat ${config.sops.secrets."mail/dvb.solutions".path}";
+        auth = "on";
+        tls = "on";
+      };
+    };
+  };
+systemd.user = {
+
+    services.mbsync = {
+      enable = true;
+      after = [ "graphical.target" "network-online.target" ];
+      script = ''
+        ${pkgs.isync}/bin/mbsync -a --config=${mbsyncConf}
+      '';
+      serviceConfig = {
+        Type = "oneshot";
+      };
+    };
+
+    timers.mbsync = {
+      enable = true;
+      wantedBy = [ "timers.target" ];
+      timerConfig = {
+        Unit = "mbsync.service";
+        OnUnitInactiveSec = "11m";
+        Persistent = true;
+      };
+    };
+
+  };
+}
diff --git a/modules/mail/mbsyncrc b/modules/mail/mbsyncrc
new file mode 100644
index 0000000..d3c974c
--- /dev/null
+++ b/modules/mail/mbsyncrc
@@ -0,0 +1,74 @@
+IMAPStore mail@oxapentane.com-remote
+Host imap.migadu.com
+Port 993
+User mail@oxapentane.com
+PassCmd "cat /run/secrets/mail/oxapentane.com"
+AuthMechs LOGIN
+SSLType IMAPS
+
+MaildirStore mail@oxapentane.com-local
+Subfolders Verbatim
+Path /home/grue/mail/mail@oxapentane.com/
+Inbox /home/grue/mail/mail@oxapentane.com/INBOX
+
+Channel mail@oxapentane.com
+Expunge Both
+Master :mail@oxapentane.com-remote:
+Slave :mail@oxapentane.com-local:
+Create Both
+SyncState *
+Patterns *
+MaxMessages 0
+ExpireUnread no
+# End profile
+
+
+IMAPStore grigory@shipunov.xyz-remote
+Host imap.migadu.com
+Port 993
+User grigory@shipunov.xyz
+PassCmd "cat /run/secrets/mail/shipunov.xyz"
+AuthMechs LOGIN
+SSLType IMAPS
+
+MaildirStore grigory@shipunov.xyz-local
+Subfolders Verbatim
+Path /home/grue/mail/grigory@shipunov.xyz/
+Inbox /home/grue/mail/grigory@shipunov.xyz/INBOX
+
+Channel grigory@shipunov.xyz
+Expunge Both
+Master :grigory@shipunov.xyz-remote:
+Slave :grigory@shipunov.xyz-local:
+Create Both
+SyncState *
+Patterns *
+MaxMessages 0
+ExpireUnread no
+# End profile
+
+
+IMAPStore dump@dvb.solutions-remote
+Host imap.migadu.com
+Port 993
+User dump@dvb.solutions
+PassCmd "cat /run/secrets/mail/dvb.solutions"
+AuthMechs LOGIN
+SSLType IMAPS
+
+MaildirStore dump@dvb.solutions-local
+Subfolders Verbatim
+Path /home/grue/mail/dump@dvb.solutions/
+Inbox /home/grue/mail/dump@dvb.solutions/INBOX
+
+Channel dump@dvb.solutions
+Expunge Both
+Master :dump@dvb.solutions-remote:
+Slave :dump@dvb.solutions-local:
+Create Both
+SyncState *
+Patterns *
+MaxMessages 0
+ExpireUnread no
+# End profile
+
diff --git a/secrets/microwave/secrets.yaml b/secrets/microwave/secrets.yaml
index 4ab3d2c..a10b4f7 100644
--- a/secrets/microwave/secrets.yaml
+++ b/secrets/microwave/secrets.yaml
@@ -3,6 +3,10 @@ wg:
     wg-dvb-seckey: ENC[AES256_GCM,data:a1OuEOnSwCqwfL6+TYhyU1lkRcDeW2wAJetytc8ry8kJicPGMkqSHJvRdBs=,iv:oS1olgSuhR3J0LW8OSDSYMSHxxhBehdEP0VnQIKqOAM=,tag:CXkL5lOF91KluH3yGWwzTA==,type:str]
     mlwd-nl-seckey: ENC[AES256_GCM,data:LfndvssZdlIerJQZRsLzlTdY9ThjmRcMvUKQgWu06vVEFZgI4KGi5b++9Jg=,iv:EoV7e0fE8RCw0K+nGx3dYGCZV0GSVtxPzi5vQ+5+Tuk=,tag:AZ78jsfL0OgUPYOiO6xn0Q==,type:str]
     oxalab-seckey: ENC[AES256_GCM,data:eWdcDboE4L7/8k87kipaZXdFbo8tp+/RS5KCkfnE4OYCOtNg5WJlrJTsE3o=,iv:tjfVIiFbNa8p0NhL2No1UogHkppIdWNaXW5Qjny725s=,tag:em0g5BERF+lOR6VSW8Wh8A==,type:str]
+mail:
+    oxapentane.com: ENC[AES256_GCM,data:9P7r1WGaGekZkCbI3iVK1cQiVXN46LilZaY=,iv:juCWeCTXjKuoC0y0l08d98i5rLlmOeRXL4H/GsouAWs=,tag:DflQZMy2WBqee/pM2njF2Q==,type:str]
+    shipunov.xyz: ENC[AES256_GCM,data:Lr60OLtghGxyTxs9clz6ZY8RLno3dQGLHi5w3QYXFQ==,iv:Yr+soB0e8+MQQfCuznmJRaAn9SgoDkT9B8UdGzVOcMY=,tag:8yg3GQMnllgufilNyXrdUg==,type:str]
+    dvb.solutions: ENC[AES256_GCM,data:xEbuW66WyMqEmyxsiuFTgvb6oJBdUtXj9aAsv7wR,iv:8+nNrMntqRX8Wn7T+/JctRK0nrU4BWxGmGxpjPbO/D8=,tag:euuABMXM4svQgNzAploxIQ==,type:str]
 sops:
     kms: []
     gcp_kms: []
@@ -18,8 +22,8 @@ sops:
             cHBBdERxM1MxaER5YWZqWTJTZnprVzgKT7C9aMo4BAS+Tewx5u+yEILRUna1P5Wu
             iRQeH/SqCigoA2d3ekl7/VWcmSJPtb7FMLwX+9LEgIILo8KBYhseGA==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2022-08-05T04:54:13Z"
-    mac: ENC[AES256_GCM,data:E/osCd1dDAxnDdB8n+ii7xYGhItXZKPy2T0smrQsFmJY6uYBhuaIXn7LsUFUWavEhgDBFn2mrRXPZsk4U2Z7y0/O5PIapFnWSfVQOVIRGgv0uiim5RtI9N4beu2Ftk6XUlNoa9gQJRWkA+kGv6abH76H6S09cSW7+OsSb37/Kuw=,iv:SOfq17e+41eyAdUQG3iOSOtaPtkeMHyoKxxIBzKvHzY=,tag:XYjK/D2oqw/TzNmbCrP7KA==,type:str]
+    lastmodified: "2022-08-11T18:24:56Z"
+    mac: ENC[AES256_GCM,data:Q1yLGASvM9EQ8SAPFAevC0604QmoCoIQPJgJjtbIIFGEiL+0PtiNEg0HLG44aYEXd+lxlZLaLXOLVgA1I1LjFGa0EZMB7r5Cc1V1NePGcz8tWlfINhRi9pixigDL2k7sVCCmrRDrxQPiyFpvLvVz5xjcWpMZWU1SXt6vCE4wAOc=,iv:2H77Hc20vxXwTPiDMhCH3bRu90uriRi69oDzs6apxnU=,tag:g5IAzGZj7gsoyxnYmP44Vg==,type:str]
     pgp:
         - created_at: "2022-07-15T02:04:05Z"
           enc: |-