diff --git a/modules/kubernetes/cloudflared/cloudflare.tf b/modules/kubernetes/cloudflared/cloudflare.tf
index db30ee33..7d491d79 100644
--- a/modules/kubernetes/cloudflared/cloudflare.tf
+++ b/modules/kubernetes/cloudflared/cloudflare.tf
@@ -92,3 +92,33 @@ resource "cloudflare_record" "mail" {
   priority = 1
   zone_id  = var.cloudflare_zone_id
 }
+
+resource "cloudflare_record" "mail_domainkey" {
+  content  = "\"k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIDLB8mhAHNqs1s6GeZMQHOxWweoNKIrqo5tqRM3yFilgfPUX34aTIXNZg9xAmlK+2S/xXO1ymt127ZGMjnoFKOEP8/uZ54iHTCnioHaPZWMfJ7o6TYIXjr+9ShKfoJxZLv7lHJ2wKQK3yOw4lg4cvja5nxQ6fNoGRwo+mQ/mgJQIDAQAB\""
+  name     = "s1._domainkey.viktorbarzin.me"
+  proxied  = false
+  ttl      = 1
+  type     = "TXT"
+  priority = 1
+  zone_id  = var.cloudflare_zone_id
+}
+
+resource "cloudflare_record" "mail_spf" {
+  content  = "\"v=spf1 include:mailgun.org ~all\""
+  name     = "viktorbarzin.me"
+  proxied  = false
+  ttl      = 1
+  type     = "TXT"
+  priority = 1
+  zone_id  = var.cloudflare_zone_id
+}
+
+resource "cloudflare_record" "mail_dmarc" {
+  content  = "\"v=DMARC1; p=none; pct=100; fo=1; ri=3600; sp=none; adkim=r; aspf=r; rua=mailto:e21c0ff8@dmarc.mailgun.org,mailto:adb84997@inbox.ondmarc.com; ruf=mailto:e21c0ff8@dmarc.mailgun.org,mailto:adb84997@inbox.ondmarc.com,mailto:postmaster@viktorbarzin.me;\""
+  name     = "_dmarc.viktorbarzin.me"
+  proxied  = false
+  ttl      = 1
+  type     = "TXT"
+  priority = 1
+  zone_id  = var.cloudflare_zone_id
+}
diff --git a/modules/kubernetes/mailserver/main.tf b/modules/kubernetes/mailserver/main.tf
index a6e41c9f..d5adda6d 100644
--- a/modules/kubernetes/mailserver/main.tf
+++ b/modules/kubernetes/mailserver/main.tf
@@ -49,7 +49,8 @@ resource "kubernetes_config_map" "mailserver_env_config" {
     POSTFIX_MESSAGE_SIZE_LIMIT             = 1024 * 1024 * 200 # 200 MB
     POSTFIX_REJECT_UNKNOWN_CLIENT_HOSTNAME = "1"
     # TLS_LEVEL                              = "intermediate"
-    DEFAULT_RELAY_HOST = "[smtp.sendgrid.net]:587"
+    # DEFAULT_RELAY_HOST = "[smtp.sendgrid.net]:587"
+    DEFAULT_RELAY_HOST = "[smtp.eu.mailgun.org]:587"
     SPOOF_PROTECTION   = "1"
     SSL_TYPE           = "manual"
     SSL_CERT_PATH      = "/tmp/ssl/tls.crt"
diff --git a/modules/kubernetes/mailserver/variables.tf b/modules/kubernetes/mailserver/variables.tf
index b50c1cc1..b50a12d0 100644
--- a/modules/kubernetes/mailserver/variables.tf
+++ b/modules/kubernetes/mailserver/variables.tf
@@ -2,7 +2,8 @@
 # see defaults - https://github.com/docker-mailserver/docker-mailserver/blob/master/target/postfix/main.cf
 variable "postfix_cf" {
   default = <<EOT
-relayhost = [smtp.sendgrid.net]:587
+#relayhost = [smtp.sendgrid.net]:587
+relayhost = [smtp.eu.mailgun.org]:587
 smtp_sasl_auth_enable = yes
 smtp_sasl_password_maps = hash:/etc/postfix/sasl/passwd
 smtp_sasl_security_options = noanonymous
diff --git a/terraform.tfstate b/terraform.tfstate
index 414dce9d..b8d1e76b 100644
Binary files a/terraform.tfstate and b/terraform.tfstate differ
diff --git a/terraform.tfvars b/terraform.tfvars
index a0ca1a10..7c3f3efb 100644
Binary files a/terraform.tfvars and b/terraform.tfvars differ