diff --git a/flake.nix b/flake.nix
index 37c05c9..c83465e 100644
--- a/flake.nix
+++ b/flake.nix
@@ -38,8 +38,8 @@
 inherit system;
 mailserver = nixpkgs.lib.nixosSystem rec {
 modules = [
- simple-nixos-mailserver.nixosModule
 vpsadminos.nixosConfigurations.container
+ simple-nixos-mailserver.nixosModule
 hosts.nixosModule
 ./mailserver
 ];
diff --git a/mailserver/default.nix b/mailserver/default.nix
index b491c46..70c1f00 100644
--- a/mailserver/default.nix
+++ b/mailserver/default.nix
@@ -1,4 +1,4 @@
 { config, pkgs, ... }: {
- imports = [ ./configuration.nix ./mailserver ./roundcube ./postgres ./wireguard ./nginx ./webshite ./tor ./i2pd ./gitea ];
+ imports = [ ./configuration.nix ./mailserver ./roundcube ./postgres ./wireguard ./nginx ./webshite ./tor ./i2pd ./gitea ./dnscrypt ];
 }
diff --git a/mailserver/dnscrypt/default.nix b/mailserver/dnscrypt/default.nix
new file mode 100644
index 0000000..66a708b
--- /dev/null
+++ b/mailserver/dnscrypt/default.nix
@@ -0,0 +1,33 @@
+{
+ networking = {
+ nameservers = [ "127.0.0.1" "::1" ];
+ dhcpcd.extraConfig = "nohook resolv.conf";
+ };
+
+ services.dnscrypt-proxy2 = {
+ enable = true;
+ settings = {
+ ipv4_servers = true;
+ ipv6_servers = true;
+ dnscrypt_servers = true;
+ doh_servers = false;
+ odoh_servers = false;
+ require_dnssec = true;
+ require_nolog = true;
+ require_nofilter = true;
+ sources.public-resolvers = {
+ urls = [
+ "https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md"
+ "https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
+ ];
+ cache_file = "/var/lib/dnscrypt-proxy/public-resolvers.md";
+ minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
+ };
+ };
+ };
+ systemd.services.dnscrypt-proxy2.serviceConfig = {
+ StateDirectory = "dnscrypt-proxy";
+ };
+}
+
+
diff --git a/mailserver/mailserver/default.nix b/mailserver/mailserver/default.nix
index 0ebb4ef..dd446e9 100644
--- a/mailserver/mailserver/default.nix
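Review bot: `require_dnssec = true` in the new mailserver/dnscrypt/default.nix only narrows the resolver list to upstreams that advertise DNSSEC support; as far as I know dnscrypt-proxy does not validate signatures itself, so answers are still taken on the upstream's word. A comment next to that line would keep a reader from assuming local validation, e.g. `# filters the resolver list only; no local DNSSEC validation is performed`. The `networking.nameservers` entries also rely on the service's default `listen_addresses` being 127.0.0.1:53 and [::1]:53; stating it in `settings` (`listen_addresses = [ "127.0.0.1:53" "[::1]:53" ];`) keeps the listener and the nameserver entries in one place if the module default ever changes. The two trailing blank `+` lines at the end of the new file can be dropped.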
+++ b/mailserver/mailserver/default.nix
@@ -2,6 +2,7 @@
 {
 mailserver = {
 enable = true;
+ localDnsResolver = false;
 fqdn = "mail.idimitrov.dev";
 domains = [ "idimitrov.dev" "mail.idimitrov.dev" ];
 loginAccounts = {
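Review bot: `localDnsResolver = false;` is added without saying why; a reader of this file alone cannot see that the resolver it disables would otherwise compete for 127.0.0.1:53 with the dnscrypt-proxy2 listener introduced in the same commit. A one-line comment such as `# resolver is provided by dnscrypt-proxy2 (./dnscrypt) on 127.0.0.1:53` would tie the two files together. The module's own local resolver is what it recommends for rspamd's lookups; routing DNSBL/RBL queries through a rotating set of public resolvers may, as far as I can tell, hit rate limits or be refused by some list operators, so spam-filter effectiveness is worth verifying after this change. The enclosing `mailserver = { … }` attribute set continues past the end of the hunk.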