diff --git a/nixos/module/hectic/service/mailserver.nix b/nixos/module/hectic/service/mailserver.nix
index f75c019..280a298 100644
--- a/nixos/module/hectic/service/mailserver.nix
+++ b/nixos/module/hectic/service/mailserver.nix
@@ -56,6 +56,9 @@ in {
       certificateScheme = "acme-nginx";
     };
 
+    # NOTE(yukkop): avoid Gmail rejection due to missing IPv6 PTR records
+    services.postfix.settings.main.inet_protocols = lib.mkDefault "ipv4";
+
     security.acme.acceptTerms       = true;
     security.acme.defaults.email    = "security@" + cfg.domain;
   };
diff --git a/nixos/system/hectic-lab/hectic-lab.nix b/nixos/system/hectic-lab/hectic-lab.nix
index 7cf9988..a551f5d 100644
--- a/nixos/system/hectic-lab/hectic-lab.nix
+++ b/nixos/system/hectic-lab/hectic-lab.nix
@@ -36,7 +36,7 @@ in {
     hardware.hetzner-cloud = {
       enable                 = true;
       networkMatchConfigName = "enp1s0";
-      ipv4                   = "188.245.181.123";
+      ipv4                   = "128.140.75.58";
       ipv6                   = "2a01:4f8:c2c:d54a";
     };
   };
@@ -100,11 +100,11 @@ in {
     ];
   };
 
-  sops.secrets."mailserver/security/hashedPassword" = {};
-  sops.secrets."mailserver/yukkop/hashedPassword"   = {};
-  sops.secrets."mailserver/founders/hashedPassword"   = {};
-  sops.secrets."mailserver/snuff/hashedPassword"    = {};
-  sops.secrets."mailserver/antoshka/hashedPassword" = {};
+  sops.secrets."mailserver/security/hashedPassword"  = {};
+  sops.secrets."mailserver/yukkop/hashedPassword"    = {};
+  sops.secrets."mailserver/snuff/hashedPassword"     = {};
+  sops.secrets."mailserver/antoshka/hashedPassword"  = {};
+  sops.secrets."mailserver/founders/hashedPassword"  = {};
 
   services.mailserver = {
     enable = true;