diff --git a/machines/akhaten/stalwart.nix b/machines/akhaten/stalwart.nix
index e5c749d..8058368 100644
--- a/machines/akhaten/stalwart.nix
+++ b/machines/akhaten/stalwart.nix
@@ -3,10 +3,9 @@
   services.stalwart-mail = {
     enable = true;
     settings = {
-      global.tracing.level = "trace";
       authentication.fallback-admin = {
         user = "admin";
-        secret = "$6$R469iElYzZ7v7TlV$PtJpqLO0Szw.B/r8V.puCC26i5.nfQLJQotTWrNoBsTrFo6/J1pC43OIMKc.2Oli/Of0pjPcgbBNmhfFImuuu0";
+        secret = "%{file:/var/lib/stalwart-mail/admin-hash}%";
       };
       lookup.default.hostname = "mail.luj.fr";
       server = {
@@ -57,6 +56,13 @@
     };
   };
 
+  age.secrets.stalwart-admin-hash = {
+    file = ../../secrets/stalwart-admin.age;
+    path = "/var/lib/stalwart-mail/admin-hash";
+    owner = "stalwart-mail";
+    group = "stalwart-mail";
+  };
+
   machine.meta.zones."luj.fr".subdomains."mail" = {
     A = [ config.machine.meta.ips.public.ipv4 ];
     AAAA = [ config.machine.meta.ips.public.ipv6 ];
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 5896d56..59debc7 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -9,7 +9,7 @@ let
   lambda = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKluGTi+vGRLU2emYBhTJuEy7Qw0xq1e0Ey7wvU9xYHz";
   nuage = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEtPoZXJKPfSPGYb/H9eWL0tNSpAKM6V/AgeE1Uf2Is6";
   enigma = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBgBNhXqFN79KUpmey44pag2FQYVulf1gYnRjdbvkzWW";
-  lisanew = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII5W1rr+VW2TLLytoTExWg4T14lrdLFkSM4YLfbEIb2g";
+  akhaten = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII5W1rr+VW2TLLytoTExWg4T14lrdLFkSM4YLfbEIb2g";
   servers = [
     gustave
     tower
@@ -18,7 +18,7 @@ let
     lambda
     core-data
     nuage
-    lisanew
+    akhaten
   ];
   all = servers ++ [
     x2100
@@ -72,4 +72,8 @@ in
     tower
   ];
   "forgejo_runners-token_file.age".publicKeys = [ tower ];
+  "stalwart-admin.age".publicKeys = [
+    tower
+    akhaten
+  ];
 }
diff --git a/secrets/stalwart-admin.age b/secrets/stalwart-admin.age
new file mode 100644
index 0000000..c7e3716
--- /dev/null
+++ b/secrets/stalwart-admin.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 AqX2tg nU1QhxAS4dGHMoxv3nGtYXYtL0Kkl/CeGbVT3lsFYSo
+Xr+YMV0IYAGTOBbWDHFjTwI3yKeo4/YK5eJ0sjtPUIw
+-> ssh-ed25519 81O5Zw m+rlGUE7DwjB2iVm08//5U33qEZ/DEQJZ4m910pFnWo
+ESfL9t4CLGVO7YQWolEaFz1KaQ/VR0gj7xt7iUAoOUM
+--- eq18dwzZLAYBmOpRaQ6OB/Ry89tB6jR8lMGGm0R4ZNo
+‚/ô6	²‡QœÄÿaU¡Ï;ïÆrgX©ÿlP5c”>d5l¼´ËÌ¡½(üAr£³\fg¦þ=`±€Ê%¨q/«Žïð€çr¨%äzM9î“ÿãJ#ùcêúrWw7	ÕcÓO<Î¼qûè.<QACž/¡éòXù{ÐJ1+VV“…U™
\ No newline at end of file