diff --git a/mail-server.nix b/mail-server.nix
new file mode 100644
index 0000000..48c5458
--- /dev/null
+++ b/mail-server.nix
@@ -0,0 +1,67 @@
+{ lib, config, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.services.mailserver;
+in
+{
+ options.services.mailserver = {
+ enable = mkEnableOption "Mail Server";
+ domaine = mkOption {
+ type = types.string;
+ example = "example.com";
+ description = "Nom de domaine du serveur de mails";
+ };
+ };
+
+ imports = [
+ (builtins.fetchTarball {
+ url = "https://github.com/r-raymond/nixos-mailserver/archive/v2.1.4.tar.gz";
+ sha256 = "1n7k8vlsd1p0fa7s3kgd40bnykpk7pv579aqssx9wia3kl5s7c1b";
+ })
+ ];
+
+ config = mkIf cfg.enable {
+
+ mailserver = {
+ enable = true;
+ fqdn = "mail.${cfg.domaine}";
+ domains = [ cfg.domaine ];
+
+ # A list of all login accounts. To create the password hashes, use
+ # mkpasswd -m sha-512 "super secret password"
+ loginAccounts = {
+ "paul@${cfg.domaine}" = {
+ hashedPassword = "$6$8wWQbtqVqUoH8$pQKg0bZPcjCbuPvyhjJ1lQy949M/AgfmAye/hDEIVUnCfwtlUxC1yj8CBHpNKeiiXhd8IUqk9r0/IJNvB6okf0";
+ };
+ };
+
+ # Certificate setup
+ certificateScheme = 1;
+ certificateFile = "/var/lib/acme/${cfg.domaine}/fullchain.pem";
+ keyFile = "/var/lib/acme/${cfg.domaine}/key.pem";
+
+ # Length of the Diffie Hillman prime used
+ dhParamBitLength = 4096;
+
+ # Enable IMAP and POP3
+ enableImap = true;
+ enablePop3 = true;
+ enableImapSsl = true;
+ enablePop3Ssl = true;
+
+ # Enable the ManageSieve protocol
+ enableManageSieve = true;
+ };
+
+ security.acme.certs = {
+ "${cfg.domaine}" = {
+ extraDomains = {
+ "mail.${cfg.domaine}" = null;
+ };
+ };
+ };
+
+ };
+}
diff --git a/services.nix b/services.nix
index 13c200a..62dcc0f 100644
--- a/services.nix
+++ b/services.nix
@@ -18,6 +18,10 @@ let
 in {
+ imports = [
+ ./mail-server.nix
+ ];
+
 services.haproxy.enable = true;
 services.haproxy.config = '' 
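Review bot: The literal `hashedPassword` under `loginAccounts` lands both in the repository history and in the generated Dovecot config inside `/nix/store`, and the store is readable by every local user, so the crypt hash is exposed for offline cracking to anyone with shell access or a copy of the system closure. Later nixos-mailserver releases provide `hashedPasswordFile`, which reads the hash from a root-only file at runtime; if the pinned v2.1.4 tarball does not have it, bumping the pin is worthwhile, and the line would become `hashedPasswordFile = "/PATH-OUTSIDE-NIX-STORE/paul.hash"; # placeholder path, keep mode 0600` with the hash purged from git history. `type = types.string;` should be `type = types.str;`, since `types.string` is the deprecated alias that quietly concatenates multiple definitions, which is never what you want for a single domain name. With `certificateScheme = 1` Postfix and Dovecot open `/var/lib/acme/${cfg.domaine}/key.pem` directly, and ACME keys are written with restrictive permissions, so confirm on a real deploy that both daemons can read the key (group membership or a copy via the ACME `postRun` hook), otherwise the TLS listeners will not come up.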
@@ -162,6 +166,9 @@ backend ${name}-backend
 services.murmur.imgMsgLength = 0;
 services.murmur.textMsgLength = 0;
+ services.mailserver.enable = true;
+ services.mailserver.domaine = domaine;
+
 networking.firewall.allowedTCPPorts = [ 80 443 # HAProxy
 111 2049 4000 4001 4002 # NFS
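Review bot: `services.mailserver.domaine = domaine;` takes its value from the `domaine` binding in the `let` block at the top of services.nix, which is outside this hunk, so check that it is the bare apex name, because the module builds `mail.${cfg.domaine}` and the ACME paths from it. The `networking.firewall.allowedTCPPorts` list right below is left unchanged; as far as I recall nixos-mailserver adds its own firewall entries for every protocol it has enabled, which after this change would include the cleartext IMAP and POP3 listeners that mail-server.nix switches on — verify that against the pinned v2.1.4 module rather than assuming. If no client needs POP3, turning off `enablePop3`/`enablePop3Ssl` in mail-server.nix is the cheapest way to shrink the exposed surface. Once the port behaviour is confirmed, a comment on the enable line such as `# mail ports are opened by the nixos-mailserver module, not in the list below` would spare the next reader the same investigation.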