# Outbound mail for the userweb host.
#
# Postfix is forced off and nullmailer relays to the central mail server.
# A `bro` instance named `userweb-sendmail` runs `system-sendmail` on its
# server side; its client package is installed system-wide with the
# `sendmail` binary renamed to `bro-sendmail`. The systemd unit for the
# instance is sandboxed below.
{ config, lib, pkgs, ... }:
let
  # Client package of the bro instance defined further down.
  broSendmailClient = config.services.bro.instances.userweb-sendmail.client.package;
in
{
  services = {
    # mkForce so that no other module can switch postfix back on.
    postfix.enable = lib.mkForce false;

    nullmailer = {
      enable = true;
      config = {
        me = config.networking.fqdn;
        # NOTE(review): plain SMTP on port 25; this remote line sets no TLS or
        # auth option (nullmailer has e.g. --starttls). Presumably the relay
        # trusts this host by network location. Confirm.
        remotes = "mail.pvv.ntnu.no smtp --port=25";
      };
    };

    bro = {
      enable = true;
      instances.userweb-sendmail = {
        enable = true;

        # NOTE(review): the meaning of "-C" is defined by bro and is not
        # visible in this file. Confirm it is the intended flag.
        client.settings.BRO_FILE_FLAGS = [ "-C" ];

        server.settings = {
          # The server side executes the system sendmail.
          executable = lib.getExe pkgs.system-sendmail;
          # NOTE(review): the environment allow-list is left commented out, so
          # bro's default applies. Confirm that default does not forward
          # client-controlled variables to sendmail.
          # allowed-env = [ ];
        };
      };
    };
  };

  environment.systemPackages = [
    # Installed as bro-sendmail rather than sendmail, presumably to avoid
    # clashing with another `sendmail` on PATH.
    (broSendmailClient.overrideAttrs (prev: {
      postInstall = (prev.postInstall or "") + ''
        mv "$out/bin/sendmail" "$out/bin/bro-sendmail"
      '';
    }))
  ];

  systemd.services.bro-userweb-sendmail.serviceConfig = {
    # NOTE(review): "nobody" is a shared identity. A dedicated user (or
    # DynamicUser) would keep this service's processes and files separate
    # from anything else running as nobody.
    User = "nobody";
    Group = "nobody";

    # No ambient capabilities and an empty bounding set.
    AmbientCapabilities = "";
    CapabilityBoundingSet = "";

    # Explicitly off. Presumably the executed sendmail relies on a
    # setuid/setgid wrapper, which NoNewPrivileges = true would neutralise.
    # TODO: confirm, and document the reason here.
    NoNewPrivileges = false;
    # Explicitly off as well, presumably for the same reason. Confirm.
    PrivateUsers = false;

    # File-system view. "strict" mounts the whole hierarchy read-only and no
    # ReadWritePaths is set in this block, so any path the service must write
    # to has to be granted elsewhere.
    ProtectSystem = "strict";
    ProtectHome = true;
    PrivateTmp = true;
    PrivateDevices = true;
    PrivateMounts = true;
    ProcSubset = "pid";
    ProtectProc = "invisible";
    UMask = "0027";

    # Kernel and host state.
    ProtectHostname = true;
    ProtectClock = true;
    ProtectKernelTunables = true;
    ProtectKernelModules = true;
    ProtectKernelLogs = true;
    ProtectControlGroups = true;

    # Sockets: unix, IPv4/IPv6 and netlink only.
    RestrictAddressFamilies = [
      "AF_UNIX"
      "AF_INET"
      "AF_INET6"
      "AF_NETLINK"
    ];

    # Process-level restrictions.
    LockPersonality = true;
    MemoryDenyWriteExecute = true;
    RemoveIPC = true;
    RestrictNamespaces = true;
    RestrictRealtime = true;
    RestrictSUIDSGID = true;
    SystemCallArchitectures = "native";

    # NOTE(review): no syscall filter is active; the allow-list below was
    # never filled in.
    # SystemCallFilter = [
    # ];
  };
}