diff --git a/flake.nix b/flake.nix
index 5812f1f..2c7bd71 100755
--- a/flake.nix
+++ b/flake.nix
@@ -69,6 +69,8 @@
             ./modules/ldap.nix
             # ./modules/keycloak.nix replaced by portunus
             ./modules/nginx.nix
+            ./modules/mail.nix
+            ./modules/mailman.nix
             ./modules/hedgedoc.nix
             ./modules/wiki.nix
             ./modules/stream.nix
diff --git a/modules/mail.nix b/modules/mail.nix
index 8a4db0e..d047743 100644
--- a/modules/mail.nix
+++ b/modules/mail.nix
@@ -41,6 +41,8 @@ in
       networks = [ "127.0.0.1" "141.30.30.169" ];
       sslCert = "/var/lib/acme/${hostname}/fullchain.pem";
       sslKey = "/var/lib/acme/${hostname}/key.pem";
+      relayDomains = [ "hash:/var/lib/mailman/data/postfix_domains" ];
+
       extraAliases = ''
         # Taken from kaki, maybe we can throw out some at some point
         # General redirections for pseudo accounts
@@ -99,7 +101,9 @@ in
         smtpd_sasl_auth_enable = true;
         smtpd_sasl_path = "/var/lib/postfix/auth";
         smtpd_sasl_type = "dovecot";
-        # virtual_mailbox_base = "/var/mail";
+        #mailman stuff
+        transport_maps = [ "hash:/var/lib/mailman/data/postfix_lmtp" ];
+        local_recipient_maps = [ "hash:/var/lib/mailman/data/postfix_lmtp" ];
       };
     };
     dovecot2 = {
diff --git a/modules/mailman.nix b/modules/mailman.nix
new file mode 100644
index 0000000..6f5bb2e
--- /dev/null
+++ b/modules/mailman.nix
@@ -0,0 +1,11 @@
+{ config, ... }:
+{
+  services.mailman = {
+    enable = true;
+    serve.enable = true;
+    webHosts = [ "lists.${config.fsr.domain}" ];
+    hyperkitty.enable = true;
+    enablePostfix = true;
+    siteOwner = "root@${config.fsr.domain}";
+  };
+}