diff --git a/platforms/nixos/modules/nmasur/presets/programs/msmtp.nix b/platforms/nixos/modules/nmasur/presets/programs/msmtp.nix
index 52db089..574428a 100644
--- a/platforms/nixos/modules/nmasur/presets/programs/msmtp.nix
+++ b/platforms/nixos/modules/nmasur/presets/programs/msmtp.nix
@@ -15,13 +15,21 @@ in
     enable = lib.mkEnableOption "System outgoing mail";
     host = lib.mkOption {
       type = lib.types.str;
-      description = "Hostname for SMTP";
-      default = config.mail.smtpHost;
+      description = "Hostname for SMTP server";
+    };
+    domain = lib.mkOption {
+      type = lib.types.str;
+      description = "Domain name for SMTP email";
     };
     user = lib.mkOption {
       type = lib.types.str;
-      description = "system@${config.mail.server}";
-      default = config.mail.smtpHost;
+      description = "Username (email address) for SMTP";
+      default = "system@${cfg.domain}";
+    };
+    passwordFile = lib.mkOption {
+      type = lib.types.path;
+      description = "Password file for SMTP";
+      default = ../../../../../../private/mailpass-system.age;
     };
   };
 
@@ -34,7 +42,7 @@ in
         default = {
           auth = true;
           host = cfg.host;
-          passwordeval = "${pkgs.age}/bin/age --decrypt --identity ${config.identityFile} ${pkgs.writeText "mailpass-system.age" (builtins.readFile ../../../private/mailpass-system.age)}";
+          passwordeval = "${pkgs.age}/bin/age --decrypt --identity ${config.identityFile} ${pkgs.writeText "mailpass-system.age" (builtins.readFile cfg.passwordFile)}";
           user = cfg.user;
           from_full_name = "${config.networking.hostName} System";
           port = 465;
diff --git a/platforms/nixos/modules/nmasur/presets/services/cloudflare.nix b/platforms/nixos/modules/nmasur/presets/services/cloudflare.nix
index 7e1e713..a1d34bd 100644
--- a/platforms/nixos/modules/nmasur/presets/services/cloudflare.nix
+++ b/platforms/nixos/modules/nmasur/presets/services/cloudflare.nix
@@ -75,7 +75,7 @@ in
         issuers = [
           {
             module = "acme";
-            email = "acme@${config.mail.server}";
+            email = "acme@${config.nmasur.presets.programs.msmtp.domain}";
             account_key = "{env.ACME_ACCOUNT_KEY}";
             challenges = {
               dns = {
diff --git a/platforms/nixos/modules/nmasur/presets/services/grafana.nix b/platforms/nixos/modules/nmasur/presets/services/grafana.nix
index a2afc7f..3056662 100644
--- a/platforms/nixos/modules/nmasur/presets/services/grafana.nix
+++ b/platforms/nixos/modules/nmasur/presets/services/grafana.nix
@@ -39,8 +39,8 @@ in
         };
         smtp = rec {
           enabled = true;
-          host = "${config.mail.smtpHost}:465";
-          user = "grafana@${config.mail.server}";
+          host = "${config.nmasur.presets.programs.msmtp.host}:465";
+          user = "grafana@${config.nmasur.presets.programs.msmtp.domain}";
           password = "$__file{${config.secrets.mailpass-grafana.dest}}";
           from_name = "Grafana";
           from_address = user;
@@ -2415,7 +2415,7 @@ in
                 {
                   uid = "basic-email";
                   type = "email";
-                  settings.addresses = "grafana@${config.mail.server}";
+                  settings.addresses = "grafana@${config.nmasur.presets.programs.msmtp.domain}";
                 }
               ];
             }
diff --git a/platforms/nixos/modules/nmasur/presets/services/nix-autoupgrade.nix b/platforms/nixos/modules/nmasur/presets/services/nix-autoupgrade.nix
index 2a3c4e6..d744df0 100644
--- a/platforms/nixos/modules/nmasur/presets/services/nix-autoupgrade.nix
+++ b/platforms/nixos/modules/nmasur/presets/services/nix-autoupgrade.nix
@@ -40,10 +40,10 @@ in
     # Create an email notification service for failed jobs
     systemd.services."notify-email@" =
       let
-        address = "system@${config.mail.server}";
+        address = "system@${config.nmasur.presets.programs.msmtp.domain}";
       in
       {
-        enable = config.mail.enable;
+        enable = config.nmasur.presets.programs.msmtp.enable;
         environment.SERVICE_ID = "%i";
         script = ''
           TEMPFILE=$(mktemp)
diff --git a/platforms/nixos/modules/services/betterlockscreen.nix b/platforms/nixos/modules/services/betterlockscreen.nix
index 63652b5..af7f823 100644
--- a/platforms/nixos/modules/services/betterlockscreen.nix
+++ b/platforms/nixos/modules/services/betterlockscreen.nix
@@ -6,6 +6,7 @@
 }:
 
 let
+  inherit (config.nmasur.settings) username;
   cfg = config.services.betterlockscreen;
   # Disable Dunst so that it's not attempting to reach a non-existent dunst service
   betterlockscreen = pkgs.betterlockscreen.override { withDunst = cfg.dunst.enable; };
@@ -29,7 +30,7 @@ in
         "suspend.target"
       ];
       serviceConfig = {
-        User = config.user;
+        User = username;
         Type = "simple";
         Environment = "DISPLAY=:0";
         TimeoutSec = "infinity";