diff --git a/nginx/mailcow.conf b/nginx/mailcow.conf
index 206aaad..66a6d6a 100644
--- a/nginx/mailcow.conf
+++ b/nginx/mailcow.conf
@@ -1,40 +1,44 @@
 server {
-        listen 443 ssl http2;
-        listen [::]:443 ssl http2;
-        
-        server_name mail.example.com autodiscover.example.com autoconfig.example.com;
-        
-        ssl_certificate /opt/mailcow-dockerized/data/assets/ssl/fullchain.pem;
-        ssl_certificate_key /opt/mailcow-dockerized/data/assets/ssl/key.pem;
-        ssl_dhparam /opt/mailcow-dockerized/data/assets/ssl/dhparams.pem;
+  listen 80 default_server;
+  listen [::]:80 default_server;
+  server_name email.example.com autodiscover.* autoconfig.*;
+  return 301 https://$host$request_uri;
+}
+server {
+  listen 443 ssl http2;
+  listen [::]:443 ssl http2;
+  server_name email.example.com autodiscover.* autoconfig.*;
 
-        include /etc/nginx/snippets/ssl.conf;
-        
-        ssl_trusted_certificate /opt/mailcow-dockerized/data/assets/ssl/chain.pem;
-        include /etc/nginx/snippets/stapling.conf;
-        
-        include /etc/nginx/snippets/mailcow.conf;
+  ssl_certificate /opt/mailcow-dockerized/data/assets/ssl/cert.pem;
+  ssl_certificate_key /opt/mailcow-dockerized/data/assets/ssl/key.pem;
+  ssl_dhparam /opt/mailcow-dockerized/data/assets/ssl/dhparams.pem;
 
-        location /Microsoft-Server-ActiveSync {
-                proxy_pass http://127.0.0.1:8080/Microsoft-Server-ActiveSync;
-                proxy_set_header Host $http_host;
-                proxy_set_header X-Real-IP $remote_addr;
-                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-                proxy_set_header X-Forwarded-Proto $scheme;
-                proxy_connect_timeout 75;
-                proxy_send_timeout 3650;
-                proxy_read_timeout 3650;
-                proxy_buffers 64 256k;
-                client_body_buffer_size 512k;
-                client_max_body_size 0;
-        }
+  include /etc/nginx/snippets/ssl.conf;
+  ssl_trusted_certificate /opt/mailcow-dockerized/data/assets/ssl/chain.pem;
+  
+  include /etc/nginx/snippets/headers.conf;
 
-        location / {
-                proxy_pass http://127.0.0.1:8080/;
-                proxy_set_header Host $http_host;
-                proxy_set_header X-Real-IP $remote_addr;
-                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-                proxy_set_header X-Forwarded-Proto $scheme;
-                client_max_body_size 0;
-        }
+  location /Microsoft-Server-ActiveSync {
+    proxy_pass http://127.0.0.1:8080/Microsoft-Server-ActiveSync;
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_connect_timeout 75;
+    proxy_send_timeout 3650;
+    proxy_read_timeout 3650;
+    proxy_buffers 64 256k;
+    client_body_buffer_size 512k;
+    client_max_body_size 0;
+  }
+
+  location / {
+    proxy_pass http://127.0.0.1:8080/;
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    client_max_body_size 0;
+  }
 }
+