diff --git a/modules/global/general.nix b/modules/global/general.nix
index 47d242b..a3b35a4 100644
--- a/modules/global/general.nix
+++ b/modules/global/general.nix
@@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ config, common, secrets, lib, ... }:
 {
   programs = {
     # Enable dconf for programs that need it
@@ -38,4 +38,24 @@
   home-manager.sharedModules = [
     { programs.man.generateCaches = lib.mkForce false; }
   ];
+
+  programs.msmtp = with common.email; {
+    enable = true;
+    setSendmail = true;
+    defaults = {
+      host = smtp.address;
+      port = smtp.STARTTLS;
+      tls = true;
+      auth = true;
+    };
+    accounts = rec {
+      noreply = {
+        user = outgoing;
+        passwordeval = "cat ${secrets.smtp-password}";
+      };
+      default = noreply // {
+        from = withSubaddress "%U-%H";
+      };
+    };
+  };
 }
diff --git a/secrets/default.nix b/secrets/default.nix
index ad9c062..641705a 100644
--- a/secrets/default.nix
+++ b/secrets/default.nix
@@ -33,6 +33,7 @@ in
 
         "borg-password" = secrets."borg-password" // { group = "borg"; mode = "440"; };
         "binary-cache-private-key" = secrets.binary-cache-private-key // lib.optionalAttrs config.services.hydra.enable { group = "hydra"; mode = "440"; };
+        "smtp-password" = withGroup "smtp" secrets."smtp-password";
       }
       (mkIf config.services.nginx.enable {
         inherit (secrets) "cloudflare";
@@ -43,9 +44,6 @@ in
       (mkIf config.services.freshrss.enable {
         "freshrss" = withOwnerGroup "freshrss" secrets."freshrss";
       })
-      (mkIf config.services.forgejo.enable {
-        "smtp-password" = withGroup "smtp" secrets."smtp-password";
-      })
       (mkIf config.services.hydra.enable {
         inherit (secrets) hydra;
       })