diff --git a/REUSE.toml b/REUSE.toml
index 8219952..f10a39f 100644
--- a/REUSE.toml
+++ b/REUSE.toml
@@ -20,7 +20,7 @@ precedence = "closest"
 [[annotations]]
 SPDX-FileCopyrightText = "2024 Tom Hubrecht <tom.hubrecht@dgnum.eu>"
 SPDX-License-Identifier = "EUPL-1.2"
-path = ["machines/nixos/compute01/librenms/kanidm.patch", "machines/nixos/compute01/stirling-pdf/*.patch", "machines/nixos/vault01/k-radius/packages/01-python_path.patch", "machines/nixos/web01/crabfit/*.patch", "machines/nixos/web02/cas-eleves/01-pytest-cas.patch", "patches/lix/01-disable-installChecks.patch", "patches/nixpkgs/03-crabfit-karla.patch", "patches/nixpkgs/05-netbird-relay.patch"]
+path = ["machines/nixos/compute01/ds-fr/01-smtp-tls.patch", "machines/nixos/compute01/librenms/kanidm.patch", "machines/nixos/compute01/stirling-pdf/*.patch", "machines/nixos/vault01/k-radius/packages/01-python_path.patch", "machines/nixos/web01/crabfit/*.patch", "machines/nixos/web02/cas-eleves/01-pytest-cas.patch", "patches/lix/01-disable-installChecks.patch", "patches/nixpkgs/03-crabfit-karla.patch", "patches/nixpkgs/05-netbird-relay.patch"]
 precedence = "closest"
 
 [[annotations]]
diff --git a/default.nix b/default.nix
index 0cbd84e..d03f4b4 100644
--- a/default.nix
+++ b/default.nix
@@ -85,6 +85,7 @@ let
       # Patches
       {
         path = [
+          "machines/nixos/compute01/ds-fr/01-smtp-tls.patch"
           "machines/nixos/compute01/librenms/kanidm.patch"
           "machines/nixos/compute01/stirling-pdf/*.patch"
           "machines/nixos/vault01/k-radius/packages/01-python_path.patch"
diff --git a/machines/nixos/compute01/ds-fr/01-smtp-tls.patch b/machines/nixos/compute01/ds-fr/01-smtp-tls.patch
new file mode 100644
index 0000000..397f3dc
--- /dev/null
+++ b/machines/nixos/compute01/ds-fr/01-smtp-tls.patch
@@ -0,0 +1,63 @@
+From de5e8237e4bd8f3e325473c789fb542d01557f27 Mon Sep 17 00:00:00 2001
+From: Tom Hubrecht <tom@hubrecht.ovh>
+Date: Fri, 22 Sep 2023 17:26:27 +0200
+Subject: [PATCH 1/2] fix(smtp): Allow specifying SSL settings
+
+---
+ config/environments/production.rb | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/config/environments/production.rb b/config/environments/production.rb
+index cf942cd6c70..39692890213 100644
+--- a/config/environments/production.rb
++++ b/config/environments/production.rb
+@@ -105,7 +105,8 @@
+       user_name:            ENV.fetch("SMTP_USER"),
+       password:             ENV.fetch("SMTP_PASS"),
+       authentication:       ENV.fetch("SMTP_AUTHENTICATION"),
+-      enable_starttls_auto: ENV.fetch("SMTP_TLS").present?
++      enable_starttls_auto: ENV.fetch("SMTP_TLS").present?,
++      ssl:                  ENV.fetch("SMTP_SSL").present?
+     }
+   elsif ENV['SENDMAIL_ENABLED'] == 'enabled'
+     config.action_mailer.delivery_method = :sendmail
+
+From a406428ee761231c3e82dd5c8f5154d04474a238 Mon Sep 17 00:00:00 2001
+From: Tom Hubrecht <tom@hubrecht.ovh>
+Date: Mon, 25 Sep 2023 10:17:37 +0200
+Subject: [PATCH 2/2] fix(smtp): Disambiguate configuration options for SMTP
+
+---
+ config/env.example.optional       | 3 ++-
+ config/environments/production.rb | 4 ++--
+ 2 files changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/config/env.example.optional b/config/env.example.optional
+index 050e5d49bec..25bea8328fb 100644
+--- a/config/env.example.optional
++++ b/config/env.example.optional
+@@ -206,7 +206,8 @@ SMTP_HOST=""
+ SMTP_PORT=""
+ SMTP_USER=""
+ SMTP_PASS=""
+-SMTP_TLS=""
++SMTP_STARTTLS="enabled" # Use any non-blank value to enable starttls
++SMTP_TLS=""             # Use any non-blank value to enable TLS
+ SMTP_AUTHENTICATION="plain"
+ 
+ # Sendmail
+diff --git a/config/environments/production.rb b/config/environments/production.rb
+index 39692890213..bc203bbbaab 100644
+--- a/config/environments/production.rb
++++ b/config/environments/production.rb
+@@ -105,8 +105,8 @@
+       user_name:            ENV.fetch("SMTP_USER"),
+       password:             ENV.fetch("SMTP_PASS"),
+       authentication:       ENV.fetch("SMTP_AUTHENTICATION"),
+-      enable_starttls_auto: ENV.fetch("SMTP_TLS").present?,
+-      ssl:                  ENV.fetch("SMTP_SSL").present?
++      enable_starttls_auto: ENV.fetch("SMTP_STARTTLS", "enabled").present?,
++      tls:                  ENV.fetch("SMTP_TLS", "").present?
+     }
+   elsif ENV['SENDMAIL_ENABLED'] == 'enabled'
+     config.action_mailer.delivery_method = :sendmail
diff --git a/machines/nixos/compute01/ds-fr/default.nix b/machines/nixos/compute01/ds-fr/default.nix
index 9cb2f5c..944e617 100644
--- a/machines/nixos/compute01/ds-fr/default.nix
+++ b/machines/nixos/compute01/ds-fr/default.nix
@@ -34,6 +34,8 @@ in
         '';
       };
 
+      patches = (old.patches or [ ]) ++ [ ./01-smtp-tls.patch ];
+
       prePatch = ''
         ${pkgs.lib.getExe pkgs.git} apply -p1 < ${patch}
       '';
@@ -71,8 +73,8 @@ in
       SMTP_HOST = "kurisu.lahfa.xyz";
       SMTP_PORT = "465";
       SMTP_USER = "web-services@infra.dgnum.eu";
-      SMTP_TLS = "";
-      SMTP_SSL = "true";
+      SMTP_STARTTLS = "";
+      SMTP_TLS = "true";
       SMTP_AUTHENTICATION = "plain";
 
       SUPER_ADMIN_OTP_ENABLED = "disabled";