diff --git a/discuss.yml b/discuss.yml
index e1ff72f..967dd0c 100644
--- a/discuss.yml
+++ b/discuss.yml
@@ -7,4 +7,5 @@
 - julien@palard.fr
 - marc@debureaux.fr
 roles:
+ - common
 - discourse
diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml
index c0d2132..1a3f868 100644
--- a/roles/common/handlers/main.yml
+++ b/roles/common/handlers/main.yml
@@ -2,3 +2,6 @@
 - name: reload nftables
 service: name=nftables state=reloaded
+
+- name: reload exim4
+ service: name=exim4 state=reloaded
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index c622a3e..7dd2084 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -5,6 +5,63 @@
 hostname:
 name: "{{ inventory_hostname_short }}"
+ - name: Configure FQDN
+ lineinfile:
+ path: /etc/hosts
+ regexp: '^127\.0\.0\.1'
+ line: "127.0.0.1 {{ inventory_hostname }} {{ inventory_hostname_short }} localhost"
+ owner: root
+ group: root
+ mode: 0644
+
+ - name: Choose a DKIM selector
+ set_fact:
+ dkim_selector: "{{ inventory_hostname | replace('.', '-') }}"
+
+ - name: Create /etc/exim4/dkim/ directory
+ file:
+ path: /etc/exim4/dkim/
+ state: directory
+ mode: 0750
+ owner: Debian-exim
+ group: Debian-exim
+
+ - name: Generate a private key for DKIM
+ command: openssl genrsa -out /etc/exim4/dkim/{{ dkim_selector }}-private.key 1024
+ args:
+ creates: /etc/exim4/dkim/{{ dkim_selector }}-private.key
+
+ - name: Allow exim to read the DKIM private key
+ file:
+ path: /etc/exim4/dkim/{{ dkim_selector }}-private.key
+ owner: root
+ group: Debian-exim
+ mode: 0640
+
+ - name: Derive the public key for DKIM
+ command: openssl rsa -in {{ dkim_selector }}-private.key -out {{ dkim_selector }}.pem -pubout -outform PEM
+ args:
+ chdir: /etc/exim4/dkim/
+ creates: /etc/exim4/dkim/{{ dkim_selector }}.pem
+
+ - name: Configure exim to use our DKIM key
+ copy:
+ dest: /etc/exim4/conf.d/main/00_local_macros
+ content: |
+ DKIM_CANON = relaxed
+ DKIM_SELECTOR = {{ dkim_selector }}
+ DKIM_DOMAIN = {{ inventory_hostname }}
+ DKIM_PRIVATE_KEY = /etc/exim4/dkim/{{ dkim_selector }}-private.key
+ owner: root
+ group: root
+ mode: 0644
+ notify: reload exim4
+ register: config_exim
+
+ - name: Reconfigure exim4
+ command: update-exim4.conf
+ when: config_exim is changed
+
 - package: name=nftables state=present
 - service: name=nftables enabled=yes state=started daemon_reload=yes
diff --git a/roles/discourse/tasks/main.yml b/roles/discourse/tasks/main.yml
index 1fe7131..ddfcdce 100644
--- a/roles/discourse/tasks/main.yml
+++ b/roles/discourse/tasks/main.yml
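Review bot: The `Generate a private key for DKIM` task in roles/common/tasks/main.yml creates a 1024-bit RSA key, which is the minimum RFC 8301 allows and below the 2048 bits it recommends for signers; I would change the command to `openssl genrsa -out /etc/exim4/dkim/{{ dkim_selector }}-private.key 2048`. Because both openssl tasks are guarded by `creates:`, a host that has already run this play keeps its 1024-bit key, so moving it to a stronger key means removing the old files or choosing a new selector and publishing the new public key in DNS. The unquoted `mode: 0644`, `mode: 0750` and `mode: 0640` values would be more robust as quoted strings, for example `mode: "0640"`.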
@@ -41,3 +41,15 @@
 template:
 src: app.yml
 dest: /var/discourse/containers/app.yml
+
+- name: Allow docker to send emails via exim
+ lineinfile:
+ path: /etc/exim4/update-exim4.conf.conf
+ regexp: ^dc_local_interfaces=
+ line: "dc_local_interfaces='127.0.0.1;172.17.0.1'"
+
+- name: Allow docker to send emails via exim
+ lineinfile:
+ path: /etc/exim4/update-exim4.conf.conf
+ regexp: ^dc_relay_nets=
+ line: "dc_relay_nets='172.16.0.0/12'"
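Review bot: `dc_relay_nets='172.16.0.0/12'` in the second `Allow docker to send emails via exim` task lets exim relay for the whole 172.16–172.31 private range, not only the docker bridge behind `172.17.0.1`. If the containers stay on the default bridge, `dc_relay_nets='172.17.0.0/16'` is the narrower setting, and whichever range is kept deserves a comment saying why. Neither task notifies a handler or reruns `update-exim4.conf`, so an edit to `/etc/exim4/update-exim4.conf.conf` made here reaches the running daemon only if something else reloads exim in the same run. Adding `notify: reload exim4` to both tasks would make that explicit, presumably with `update-exim4.conf` run first if the reload does not regenerate the config itself. The two tasks also share one name, which makes the run output ambiguous.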