diff --git a/config/secrets.nix b/config/secrets.nix
index cd9885e..0722f4e 100644
--- a/config/secrets.nix
+++ b/config/secrets.nix
@@ -42,6 +42,22 @@
         || die "Failure while aggregating basic auth hashes"
     '');
 
+  age.generators.argon2id = {
+    pkgs,
+    lib,
+    decrypt,
+    deps,
+    ...
+  }: let
+    dep = builtins.head deps;
+  in ''
+    echo " -> Deriving argon2id hash from [32m"${lib.escapeShellArg dep.host}":[m[33m"${lib.escapeShellArg dep.name}"[m" >&2
+    ${decrypt} ${lib.escapeShellArg dep.file} \
+      | tr -d '\n' \
+      | ${pkgs.libargon2}/bin/argon2 "$(${pkgs.openssl}/bin/openssl rand -base64 16)" -id \
+      || die "Failure while generating argon2id hash"
+  '';
+
   # Just before switching, remove the agenix directory if it exists.
   # This can happen when a secret is used in the initrd because it will
   # then be copied to the initramfs under the same path. This materializes
diff --git a/hosts/envoy/idmail.nix b/hosts/envoy/idmail.nix
index b89444a..8a90466 100644
--- a/hosts/envoy/idmail.nix
+++ b/hosts/envoy/idmail.nix
@@ -4,26 +4,47 @@
   lib,
   ...
 }: let
-  mailDomains = globals.domains.mail;
-  primaryDomain = mailDomains.primary;
+  primaryDomain = globals.mail.primary;
   idmailDomain = "alias.${primaryDomain}";
-in {
-  # Not needed, we store stuff in stalwart's directory
-  #environment.persistence."/persist".directories = [
-  #  {
-  #    directory = "/var/lib/idmail";
-  #    user = "idmail";
-  #    group = "idmail";
-  #    mode = "0700";
-  #  }
-  #];
 
-  age.secrets.idmail-admin-hash = {
-    rekeyFile = ./secrets/idmail-admin-hash.age;
+  mkRandomSecret = {
+    generator.script = "alnum";
+    mode = "000";
+  };
+
+  mkArgon2id = secret: {
+    generator.dependencies = [config.age.secrets.${secret}];
+    generator.script = "argon2id";
     mode = "440";
     group = "stalwart-mail";
   };
 
+  shortHash = x: lib.substring 0 16 (builtins.hashString "sha256" "${globals.salt}:${x}");
+in {
+  environment.persistence."/persist".directories = [
+    {
+      directory = "/var/lib/idmail";
+      user = "idmail";
+      group = "idmail";
+      mode = "0700";
+    }
+  ];
+
+  age.secrets = lib.mergeAttrsList (
+    [
+      {
+        idmail-user-pw_admin = mkRandomSecret;
+        idmail-user-hash_admin = mkArgon2id "idmail-user-pw_admin";
+      }
+    ]
+    ++ lib.forEach (lib.attrNames globals.mail.domains) (
+      domain: {
+        "idmail-mailbox-pw_catch-all@${shortHash domain}" = mkRandomSecret;
+        "idmail-mailbox-hash_catch-all@${shortHash domain}" = mkArgon2id "idmail-mailbox-pw_catch-all@${shortHash domain}";
+      }
+    )
+  );
+
   globals.services.idmail.domain = idmailDomain;
   globals.monitoring.http.idmail = {
     url = "https://${idmailDomain}";
@@ -31,6 +52,11 @@ in {
     network = "internet";
   };
 
+  #systemd.tmpfiles.settings."50-idmail"."${dataDir}".d = {
+  #  user = "idmail";
+  #  mode = "0750";
+  #};
+
   services.idmail = {
     enable = true;
     user = "stalwart-mail";
@@ -39,12 +65,20 @@ in {
       enable = true;
       users.admin = {
         admin = true;
-        password_hash = "%{file:${config.age.secrets.idmail-admin-hash.path}}%";
+        password_hash = "%{file:${config.age.secrets.idmail-user-hash_admin.path}}%";
       };
-      domains = lib.genAttrs mailDomains.all (_: {
+      domains = lib.flip lib.mapAttrs globals.mail.domains (domain: domainCfg: {
         owner = "admin";
-        public = true;
+        catch_all = "catch-all@${domain}";
+        inherit (domainCfg) public;
       });
+      mailboxes = lib.flip lib.mapAttrs' globals.mail.domains (
+        domain: _domainCfg:
+          lib.nameValuePair "catch-all@${domain}" {
+            password_hash = "%{file:${config.age.secrets."idmail-mailbox-hash_catch-all@${shortHash domain}".path}}%";
+            owner = "admin";
+          }
+      );
     };
   };
   systemd.services.idmail.serviceConfig.RestartSec = "60"; # Retry every minute
diff --git a/hosts/envoy/net.nix b/hosts/envoy/net.nix
index 3c36b09..7d752a6 100644
--- a/hosts/envoy/net.nix
+++ b/hosts/envoy/net.nix
@@ -7,8 +7,8 @@
   icfg = config.repo.secrets.local.networking.interfaces.wan;
 in {
   networking.hostId = config.repo.secrets.local.networking.hostId;
-  networking.domain = globals.domains.mail.primary;
-  networking.hosts."127.0.0.1" = ["mail.${globals.domains.mail.primary}"];
+  networking.domain = globals.mail.primary;
+  networking.hosts."127.0.0.1" = ["mail.${globals.mail.primary}"];
 
   globals.monitoring.ping.envoy = {
     hostv4 = lib.net.cidr.ip icfg.hostCidrv4;
diff --git a/hosts/envoy/secrets/idmail-admin-hash.age b/hosts/envoy/secrets/idmail-admin-hash.age
deleted file mode 100644
index 3d3e61d..0000000
Binary files a/hosts/envoy/secrets/idmail-admin-hash.age and /dev/null differ
diff --git a/hosts/envoy/secrets/stalwart-admin-hash.age b/hosts/envoy/secrets/stalwart-admin-hash.age
deleted file mode 100644
index 6870748..0000000
--- a/hosts/envoy/secrets/stalwart-admin-hash.age
+++ /dev/null
@@ -1,11 +0,0 @@
-age-encryption.org/v1
--> X25519 t0FJIrbn5q7oX4+1tHvjDnWDCiD6NMkNw7Aq2MfSXw4
-W6aq9jnVOH9W+pjsrSCZG1BJXSNojhiUrTgzANFpM9w
--> piv-p256 xqSe8Q A3qjOwYgwBFDf0beUSyw3nHhkO9ZhsJzGHBh4BTw7+tS
-ffyaSOMoOHiIXfXvCJY/apYkEc7wZgkhOGTNT9O7oJ0
--> n[k#S-grease /{ w79 (TV$':-8 4E
-hxVz/9v74X2gEt9y0yvKMClVgId3mAl5PVisyL0r8WUn4extTHoh8qj2fSFl++54
-c0aRZZ5Y+Pdqu/7FyignIhV4WbUtverMWhWdRAhGsXqFm/8ejLqPfELQ54w
---- rTgyJNg/7gotGoTSMt5jDxSFE0tM8CP+azNlDTRjCow
-LiÀºÝ“kþÃñ.?N@1l·HÎ¢æÐm°@8N^òU•u•	Ô
-¦Ïƒ/íò¬ØÇ³§FIHÍÂk+*è+;#3ÒvÖx×~¯3¢Ú‚VZß¯‡ïî¿oó£Ñ’ZC|ñßÂÕ›T*ˆÛ‡“^-ªÑ .71Ñé€cÐ÷+g¬±‘†»Å
\ No newline at end of file
diff --git a/hosts/envoy/stalwart-mail.nix b/hosts/envoy/stalwart-mail.nix
index ecc59bc..cc15fe6 100644
--- a/hosts/envoy/stalwart-mail.nix
+++ b/hosts/envoy/stalwart-mail.nix
@@ -5,8 +5,7 @@
   pkgs,
   ...
 }: let
-  mailDomains = globals.domains.mail;
-  primaryDomain = mailDomains.primary;
+  primaryDomain = globals.mail.primary;
   stalwartDomain = "mail.${primaryDomain}";
   dataDir = "/var/lib/stalwart-mail";
 in {
@@ -19,8 +18,14 @@ in {
     }
   ];
 
+  age.secrets.stalwart-admin-pw = {
+    generator.script = "alnum";
+    mode = "000";
+  };
+
   age.secrets.stalwart-admin-hash = {
-    rekeyFile = ./secrets/stalwart-admin-hash.age;
+    generator.dependencies = [config.age.secrets.stalwart-admin-pw];
+    generator.script = "argon2id";
     mode = "440";
     group = "stalwart-mail";
   };
diff --git a/modules/globals.nix b/modules/globals.nix
index 90b4dbf..92d36e8 100644
--- a/modules/globals.nix
+++ b/modules/globals.nix
@@ -108,6 +108,11 @@ in {
             }));
           };
 
+          salt = mkOption {
+            type = types.str;
+            description = "A salt value to use for hashes. Not secret, but also not public so you sneaky little buggers can't brute force my mail domains.";
+          };
+
           services = mkOption {
             type = types.attrsOf (types.submodule {
               options = {
@@ -214,6 +219,26 @@ in {
             };
           };
 
+          mail = {
+            domains = mkOption {
+              default = {};
+              description = "All domains on which we receive mail.";
+              type = types.attrsOf (types.submodule {
+                options = {
+                  public = mkOption {
+                    type = types.bool;
+                    description = "Whether the domain should be available for use by any user";
+                  };
+                };
+              });
+            };
+
+            primary = mkOption {
+              type = types.str;
+              description = "The primary mail domain.";
+            };
+          };
+
           domains = {
             me = mkOption {
               type = types.str;
@@ -224,16 +249,6 @@ in {
               type = types.str;
               description = "My personal domain.";
             };
-
-            mail.all = mkOption {
-              type = types.listOf types.str;
-              description = "All domains to configure on the mail server.";
-            };
-
-            mail.primary = mkOption {
-              type = types.str;
-              description = "The primary mail domain.";
-            };
           };
 
           macs = mkOption {
diff --git a/nix/globals.nix b/nix/globals.nix
index ed16b8e..f55f43b 100644
--- a/nix/globals.nix
+++ b/nix/globals.nix
@@ -34,10 +34,12 @@
         hetzner
         kanidm
         macs
+        mail
         monitoring
         myuser
         net
         root
+        salt
         services
         ;
     };
diff --git a/secrets/generated/envoy/idmail-mailbox-hash_catch-all@2171ec5b4ea361de.age b/secrets/generated/envoy/idmail-mailbox-hash_catch-all@2171ec5b4ea361de.age
new file mode 100644
index 0000000..e03e325
Binary files /dev/null and b/secrets/generated/envoy/idmail-mailbox-hash_catch-all@2171ec5b4ea361de.age differ
diff --git a/secrets/generated/envoy/idmail-mailbox-hash_catch-all@30a80c5c819a6d2f.age b/secrets/generated/envoy/idmail-mailbox-hash_catch-all@30a80c5c819a6d2f.age
new file mode 100644
index 0000000..b13d57a
--- /dev/null
+++ b/secrets/generated/envoy/idmail-mailbox-hash_catch-all@30a80c5c819a6d2f.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> X25519 Fmh3QK1rauE4Yy1F9uvzGtMumQfTHPsZpB/mFHyTik4
+uQZQ9AeMHIDYKOdSNJDY8yyr+vmFvfJYLe0F7bhPDIs
+-> piv-p256 xqSe8Q Ap39opLW1MU2pC+UmNliHT/p9+Ktlh+Er0SBz481KE94
+iy1JR54/vixGF4KgHXq19vKKNlTUEtf7soKdG8jOnwE
+-> Qb{iiDl-grease e/(Ds5o{
+qixGDiCAz/9W5rqKL8H0rjTGknJ0
+--- Xb6CEtGUamg7Rlt3gImrGyHgnztP0C6ZvOVtS1pUddM
+r«§Kf»³:ÿªÜhTØ6­¦^lóÉmî/¢šryÙÒ:!k¯ª/Ó$)ákdBææ¦ÕQÚŒÕdOc’+¤ÞüsCZØw§nP´Ä%4Æˆ–Ö…"²».öÎŽ]ó}î–€ØY-˜Y`9	M3„JQzþ¢o`n¼÷¸•‰ÃÚ³e«¸‰ØÄ¶©ûéª™Zh}àç›óøbE.D`]Zûˆ¤5ÁÂ2:5æL¶ŒÇêÿ"`Â?¶±®âf&RIÞð&eŽ~85ÙúóÄçéj]¥§”¥ì7ñÚuõÞ®r®fvÐXHKIÆŸ	¼d¦rÛp>—À#hÞŸñáÆä{ŠGýé——EÇHðî±ÕzgÆªVSù< pCå¬…‚ê÷6ÊwM.wG»£:­C<
\ No newline at end of file
diff --git a/secrets/generated/envoy/idmail-mailbox-hash_catch-all@39e88e1845ef6176.age b/secrets/generated/envoy/idmail-mailbox-hash_catch-all@39e88e1845ef6176.age
new file mode 100644
index 0000000..8d24376
Binary files /dev/null and b/secrets/generated/envoy/idmail-mailbox-hash_catch-all@39e88e1845ef6176.age differ
diff --git a/secrets/generated/envoy/idmail-mailbox-hash_catch-all@477075fe5513c902.age b/secrets/generated/envoy/idmail-mailbox-hash_catch-all@477075fe5513c902.age
new file mode 100644
index 0000000..f31f6cd
Binary files /dev/null and b/secrets/generated/envoy/idmail-mailbox-hash_catch-all@477075fe5513c902.age differ
diff --git a/secrets/generated/envoy/idmail-mailbox-hash_catch-all@5b58b7c64bdf6ac8.age b/secrets/generated/envoy/idmail-mailbox-hash_catch-all@5b58b7c64bdf6ac8.age
new file mode 100644
index 0000000..886e18e
Binary files /dev/null and b/secrets/generated/envoy/idmail-mailbox-hash_catch-all@5b58b7c64bdf6ac8.age differ
diff --git a/secrets/generated/envoy/idmail-mailbox-hash_catch-all@7b098b000a97e947.age b/secrets/generated/envoy/idmail-mailbox-hash_catch-all@7b098b000a97e947.age
new file mode 100644
index 0000000..ea25629
Binary files /dev/null and b/secrets/generated/envoy/idmail-mailbox-hash_catch-all@7b098b000a97e947.age differ
diff --git a/secrets/generated/envoy/idmail-mailbox-hash_catch-all@b3ad8b0f0313feef.age b/secrets/generated/envoy/idmail-mailbox-hash_catch-all@b3ad8b0f0313feef.age
new file mode 100644
index 0000000..f86263a
Binary files /dev/null and b/secrets/generated/envoy/idmail-mailbox-hash_catch-all@b3ad8b0f0313feef.age differ
diff --git a/secrets/generated/envoy/idmail-mailbox-hash_catch-all@cde738bc7ba35556.age b/secrets/generated/envoy/idmail-mailbox-hash_catch-all@cde738bc7ba35556.age
new file mode 100644
index 0000000..a2e789b
Binary files /dev/null and b/secrets/generated/envoy/idmail-mailbox-hash_catch-all@cde738bc7ba35556.age differ
diff --git a/secrets/generated/envoy/idmail-mailbox-pw_catch-all@2171ec5b4ea361de.age b/secrets/generated/envoy/idmail-mailbox-pw_catch-all@2171ec5b4ea361de.age
new file mode 100644
index 0000000..6c0c17d
--- /dev/null
+++ b/secrets/generated/envoy/idmail-mailbox-pw_catch-all@2171ec5b4ea361de.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> X25519 hwiSO2uHMPYqzcHJe+fJNZQthIheNV+z8QzNRR19f30
+gJ2hYbFPvENqg2UtwgdCFKRlNB7pksSipl61IYD6NlI
+-> piv-p256 xqSe8Q AxLma+4Ap7aFLCZb6gt/VdbL78lMwp7zw9Y9E2yyi80A
+GvLv0n/kqC6xksv+nn1AEuwtGqd+vT5ivwo1yvMg+h4
+-> XJ0-grease
+Njn6lpWsxPRwkFg9asSo986W1Cd0Lhj4VpGbXyBkg2TgdxLPZKN580tgk3e6jwc
+--- mFCHJ/g5E3KqSoGdYMA4+6NnbaHYMoTmWnO+AeQuRwY
+oŸiÀêˆ)$æ7ô§µXÜzÙrÝÇ©õÕ?£E!œc#u½=C-/]Ÿ{RXþÀëºàRÄ†@ÍÇ.ÕMµžÊC`àÔí¹qH™Dú@
\ No newline at end of file
diff --git a/secrets/generated/envoy/idmail-mailbox-pw_catch-all@30a80c5c819a6d2f.age b/secrets/generated/envoy/idmail-mailbox-pw_catch-all@30a80c5c819a6d2f.age
new file mode 100644
index 0000000..4466acc
--- /dev/null
+++ b/secrets/generated/envoy/idmail-mailbox-pw_catch-all@30a80c5c819a6d2f.age
@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> X25519 Ied4Rc6fx3Wrkq4DAEjr3KTqnrR3VgzZ3uHZsbTUr3w
+1kMMehvutM7wCedlVYg7Sys2Q7aEYxRO8Ajqp4bYXIQ
+-> piv-p256 xqSe8Q Ah9bkx79XWlb/zW/gVRtTmOcsOcTCaU027jz/vxBjp74
+fi8FQ+rQILsnlxTC1/MoagAL7D4lqyR0QYaefAi9m3s
+-> KW5K]-grease [K{/LCm5 s2
+TcDYJHaundRXKi8+K50c8FY/fIv2m28daA
+--- Km5TCqqCFoiI0CmtBwTFNOjKtJ7tXKZfzTJocBIeH9Y
+rÇrWé¨
+bzàäcÉ'/kàw±Šôdle×Ö[ašl˜7¨ÉO§g“§AZÔù%çê£…C¢­’tzjÚÄÉ¼îhú-ädG’
\ No newline at end of file
diff --git a/secrets/generated/envoy/idmail-mailbox-pw_catch-all@39e88e1845ef6176.age b/secrets/generated/envoy/idmail-mailbox-pw_catch-all@39e88e1845ef6176.age
new file mode 100644
index 0000000..6e7396b
Binary files /dev/null and b/secrets/generated/envoy/idmail-mailbox-pw_catch-all@39e88e1845ef6176.age differ
diff --git a/secrets/generated/envoy/idmail-mailbox-pw_catch-all@477075fe5513c902.age b/secrets/generated/envoy/idmail-mailbox-pw_catch-all@477075fe5513c902.age
new file mode 100644
index 0000000..460d3e4
--- /dev/null
+++ b/secrets/generated/envoy/idmail-mailbox-pw_catch-all@477075fe5513c902.age
@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> X25519 TbcDtTD07pJ/Hxs+1wWcvk+fB5oPYAD9wklnyAcEJ08
+Q+YwFN8oKy3I18z4/pLEnsvA/yfnYun+Bz4M1WEV+hY
+-> piv-p256 xqSe8Q AuLtBYkwIATPvcb3Se1yR7BL2qgeigjLtl5+rF+pPFVV
+CmE6/5sj+Fie3hZqIWI7vtw+FQeVIh4q1xDkIAlGaV4
+-> }PFmeQ-grease N=(Zr
+M/UiKZLS9K6xgn9mfMXC/akO7cWtbWDoG68GF7LDOT3khbvuG+Ol7+Mw8r321P7v
+fLrjgfqCug
+--- 3GiwrF82wC51ln1ZoPr8heBKPG3smcTHrpn3QwuP1SA
+Óív¶Mê¾â£ê®ŽvŒ$iò’Ô‹È÷;(ÿ¥‘L»‹‰›Ä9¹Ï¸s…-1¢²[Bq×§5÷ëš¥Ì8>KbálÉ(šŸ¸ç(  	1þäH˜
\ No newline at end of file
diff --git a/secrets/generated/envoy/idmail-mailbox-pw_catch-all@5b58b7c64bdf6ac8.age b/secrets/generated/envoy/idmail-mailbox-pw_catch-all@5b58b7c64bdf6ac8.age
new file mode 100644
index 0000000..944d101
--- /dev/null
+++ b/secrets/generated/envoy/idmail-mailbox-pw_catch-all@5b58b7c64bdf6ac8.age
@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> X25519 lAFGflmWdJh9wzYqQF75W9A7yWnJpatVTSYL+UnShmc
+5G176dn4/b0hBFMNxged8HQTJc6/i/kiWG9U2We3Z3I
+-> piv-p256 xqSe8Q ArchEEGFmxin8qORVYBYG76Ta11kuVWQoEwA3VnF6+ev
+/KSenFW6R0mzA8rdYX10O0QlE/pJj1P9+R3oLULuev0
+-> Wm:Yith-grease bk`Ui9y M9L
+hZ1ei31xfhAZisW6DXlo5+4919PYx5QtDTgL0IbHbnWXYr+NSls7KPyE
+--- NChUIl35wGl5r/FYvovD8x+RWuVilpqsm5xqvOr/FH8
+÷aR…Q9Æhæä×où+Mãé%3šÝ•Ï}Ë|) 
+	¦¢3ÉK†œÇõw'Dá5:‘÷¢€+6%ûÍœ³måÁÂUØÕ±Ãõm4¶F
\ No newline at end of file
diff --git a/secrets/generated/envoy/idmail-mailbox-pw_catch-all@7b098b000a97e947.age b/secrets/generated/envoy/idmail-mailbox-pw_catch-all@7b098b000a97e947.age
new file mode 100644
index 0000000..462cd8a
Binary files /dev/null and b/secrets/generated/envoy/idmail-mailbox-pw_catch-all@7b098b000a97e947.age differ
diff --git a/secrets/generated/envoy/idmail-mailbox-pw_catch-all@b3ad8b0f0313feef.age b/secrets/generated/envoy/idmail-mailbox-pw_catch-all@b3ad8b0f0313feef.age
new file mode 100644
index 0000000..cb74c1d
--- /dev/null
+++ b/secrets/generated/envoy/idmail-mailbox-pw_catch-all@b3ad8b0f0313feef.age
@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> X25519 jwLw0ZQDE0oPK1pfI+SE6pPHFmXTjBBR9bKGlwpRxg4
+9cvfMwxS/e0xRIUA4/bzFhBT/qu4yStCWs3NKnr7n5o
+-> piv-p256 xqSe8Q Aklmj780XFjRXB6hP5HICrYvnqpHxI4V3XKBoCVGV2i0
+LJ1Ugx1hTOo/0USFYGM4KGv54qyi/6V7wDv1czFCT4E
+-> gC-grease
+
+--- 2J6EqVCz9ZYUkyEGMbUraHE+SknGrsanAFBeFivNmJ8
+Bgz‰yUmt	HõÌ¨ðnÛ*í¤çZ¯Uw (%$Ï4Ö—gT:Cž­câ&â
+ÉD)Ýþ¬3¬ÜÂÃ%.¥ŽÀ/¸ÅÐ¡h3í=Îóè³~ß²
\ No newline at end of file
diff --git a/secrets/generated/envoy/idmail-mailbox-pw_catch-all@cde738bc7ba35556.age b/secrets/generated/envoy/idmail-mailbox-pw_catch-all@cde738bc7ba35556.age
new file mode 100644
index 0000000..5d1a1e1
--- /dev/null
+++ b/secrets/generated/envoy/idmail-mailbox-pw_catch-all@cde738bc7ba35556.age
@@ -0,0 +1,11 @@
+age-encryption.org/v1
+-> X25519 tHxG6fGgWTc55QntSpCGlHlLmoybQBm5uySO0JDFlFs
+keCZTsYnm9PpxLFbqT318W9O26MQPrLgSoIO2ZZBkts
+-> piv-p256 xqSe8Q Aho/0opoUZGV/WfRsZ1q/EWhW5yjB4EP94DrKaDGcjBg
+WLdqd0YwFDLTYGSMeMww0Mgqw3MZBqh2rdJJSo9jifs
+-> (F7y+-grease PHIp60-
+5krq5aozR08UQTSWVpeiYV6imrnMw2yeeY3lhUpAG5UPdIWVwWxvut22cAr0f4/T
+fs/OB6IYy7wBhzfd1Ba/hXZNxwHwM6ohBpU
+--- sikO0jRf7KcPPuQz6Fs4EQRozL8++s/F9pXQGw+qKRA
+&‡m™m*êÉ8É˜UOÕ
+Ùòìw7ßz68OS¨tê®®@ÍÂ¨Á_EÃÁ Ô[êœ¾ÄM6Ü9BãXGà} µ?ÊüÞ#À¹¨Per
\ No newline at end of file
diff --git a/secrets/generated/envoy/idmail-user-hash_admin.age b/secrets/generated/envoy/idmail-user-hash_admin.age
new file mode 100644
index 0000000..f34c255
--- /dev/null
+++ b/secrets/generated/envoy/idmail-user-hash_admin.age
@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> X25519 LvYxfujP+6Q6NC/2ebtVnnRphiM3oEUGMmDBEuHCHFw
+/ew4mPbRht3v+yhWPT5HdlQGnELJZWPhSoUIW1z0z1I
+-> piv-p256 xqSe8Q Amu9UjGXIFylvwWA7hJCNd90zy171sjawkLV330vte26
+33kHGMIyuxGnUpF5Q9Ap5/rTC5ooe95tNA0Z/hWnlYU
+-> f8_>qB")-grease
+Vh2DLuANNDIq9O7gddvYRKcgMmg1vqcsjxkUFO4Xaf15yoZQJbvybeiVbRP99umV
+VfClhMnMeeTVwmRYutgpS2+yuw
+--- cfE8lNGxFWSd/UnoNOrdrGV3U90/7e1ZZpGtrUgrhto
+5#Æ5¾ÆGfÊNÏ£0¯àdj¢,¥ùy	*s¹£ÆŠ¾;]ÛZS”5&32Ä¨qq‚ÁÊkåöIf¥'B¤’rJ€ÈJu7	{v:'H
\ No newline at end of file
diff --git a/secrets/generated/envoy/idmail-user-pw_admin.age b/secrets/generated/envoy/idmail-user-pw_admin.age
new file mode 100644
index 0000000..420a340
Binary files /dev/null and b/secrets/generated/envoy/idmail-user-pw_admin.age differ
diff --git a/secrets/generated/envoy/stalwart-admin-hash.age b/secrets/generated/envoy/stalwart-admin-hash.age
new file mode 100644
index 0000000..f651ac9
Binary files /dev/null and b/secrets/generated/envoy/stalwart-admin-hash.age differ
diff --git a/secrets/generated/envoy/stalwart-admin-pw.age b/secrets/generated/envoy/stalwart-admin-pw.age
new file mode 100644
index 0000000..16bf4dd
--- /dev/null
+++ b/secrets/generated/envoy/stalwart-admin-pw.age
@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> X25519 6sJBGxU146bj34dJ29XjGY5n2XzeYG2Coy8fuQ/nmnQ
+GoaSv5YXPFTOoeiRc9vLZOEd+ON1KM4IhF5pdFMRz68
+-> piv-p256 xqSe8Q A/JZvoPMzIUCiMT9I8qFwBWCmnNgcs/z91HGIYjDu6cP
+JPyH+tRo+wwlsDV1MERLVqzwQ5kNGO/KT/d4860hwvU
+-> W-grease BB
+ZWThAsUDG5jjhan+twfPawEUbiKRdA8bhIP0R2i/0P9Xz7QgaMTPWsmPRar2sqzi
+i9/W4G9Z/X4/K62idlQBs+7cXJL2QosAHA
+--- 5B0vPvtgG66dZ524vBpMkKhG3QlkrIRi+G3V6kFM524
+ƒ±hí8¦†ÇI%¦”)fÉ;_«FóbÞAbJ=D¼öÊ%ŸgE«¨€üÄƒ…Ü,Ê.Ï°öùœx¢ÏÔ*OÖ„ÛH²PëWÆØ_¡Þæ=
\ No newline at end of file
diff --git a/secrets/global.nix.age b/secrets/global.nix.age
index 5c98fc1..02e09a6 100644
Binary files a/secrets/global.nix.age and b/secrets/global.nix.age differ
diff --git a/secrets/rekeyed/envoy/094b537b793ed00fcca8a4ff65da1dea-idmail-mailbox-pw_catch-all@5b58b7c64bdf6ac8.age b/secrets/rekeyed/envoy/094b537b793ed00fcca8a4ff65da1dea-idmail-mailbox-pw_catch-all@5b58b7c64bdf6ac8.age
new file mode 100644
index 0000000..4f58527
--- /dev/null
+++ b/secrets/rekeyed/envoy/094b537b793ed00fcca8a4ff65da1dea-idmail-mailbox-pw_catch-all@5b58b7c64bdf6ac8.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 rz300w OkYHAta0AExLlkMIAHvjY+DKkvhMPvQ75eI57PbQgWo
+Y9bzTu2PQOMUNPf5374N4UyTQzPSnOs516jbKFacsvw
+-> &-grease
+yM59yW9IXM7h4kU81cj2P61jg5Rr2uk4FnS9dGlSVhOmYMADIy2mgt9huk2/CICB
+WBFmMlsq
+--- mqzSNgjR/BjsBU8pa9NKgmEFaVagLsTe5SE6ZehxC3s
+™°þ—Ø|Ë2cjGH>	h}Û Öîc¹GÈÎÅÚ³‹X¡‰õÆºâ*øØ
+]µÏÖXéI¶ì¾øbb-ÃÑ_ýn¨\¤ÉØ”S€t\X¼¦OÛ
\ No newline at end of file
diff --git a/secrets/rekeyed/envoy/1220927bbc345582ca53f7d8960b655d-idmail-user-pw_admin.age b/secrets/rekeyed/envoy/1220927bbc345582ca53f7d8960b655d-idmail-user-pw_admin.age
new file mode 100644
index 0000000..d2fa92d
--- /dev/null
+++ b/secrets/rekeyed/envoy/1220927bbc345582ca53f7d8960b655d-idmail-user-pw_admin.age
@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 rz300w 8lcufW1HozxdF54nm+LXLLjJDUskQRyb/8HCxOOM6lc
+eJHF9oPqt4tHAYxymcPclZzXY94FmW06SxGIxO2X43U
+-> {-grease kn6_3P Dqd!
+P3/hh9OYfA
+--- Z67nmrfzCH0yLCbCXTQlwoN+MkFNoj744bah/j6nG+o
+ö\FÌAoÓèÝÈT© ÓÞŸ_L¶LÛb‚í’&=²®vO
+æèÙsÌy,à¡î@9àé6tþÉµª%–vÄ4L«KCtÔÉ«fP
\ No newline at end of file
diff --git a/secrets/rekeyed/envoy/1b5d4ce27d2fc2444e991926c3b9e0fb-idmail-mailbox-hash_catch-all@7b098b000a97e947.age b/secrets/rekeyed/envoy/1b5d4ce27d2fc2444e991926c3b9e0fb-idmail-mailbox-hash_catch-all@7b098b000a97e947.age
new file mode 100644
index 0000000..e419950
--- /dev/null
+++ b/secrets/rekeyed/envoy/1b5d4ce27d2fc2444e991926c3b9e0fb-idmail-mailbox-hash_catch-all@7b098b000a97e947.age
@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 rz300w CZ//VhaWYODA2wjXJOQ/+KUEVBUK/wEUHcgWwAokHDs
+3xrPcXRvnyZc0EXnwQ0BdEXlhIUKIlcnD05IMBmEGGg
+-> O>P`waLd-grease Svn~RD c&N3jclb R=! y=IbV#Ix
+FPMA/wSTJiTd1P76HlC7Br4yVj77356/MH2lZVkJpeh/KFSl3X20Ap6iL528TGXb
+CQ
+--- /VZfZw9RFXnpXzTAna7XINY8onqDPgFNwQqlT/Py2Sg
+òs‘||O”¹.˜©í0`]ù¥×5qnœk™ÑŠ0àQÃÜÒN6´¨Ï]Oáß+˜,ÏZ÷2e{ÏŠMóþµËu3{¶«Q½¡1o¬u|–&òÚðmXªþ†l@á8®fŽÁû#>&Û4œ¡Æ:MRÓÖ=O1È?¡Á£ŒË ¥I”˜Jº˜>‡µ–´½tÕû*õ?Ý´»ô™Æ”sð=1]ò¦ds^få‘üÿÝ{¬iH3Ù¹¿©„ƒû—¤’N¢sy¯"x!€PäÞÓJÕ¸–»ä¹*tG»k6„¤==ˆZ£âJ´Iízd×Â+Øƒsíé	àTÇ1†¾éâû’¿,Òd$ýsu‘|ÖP‚É½çúR[R×®q3™·ÞÑ³°/ÍïÁŠä8=4
\ No newline at end of file
diff --git a/secrets/rekeyed/envoy/239f1af6d431b122fe07891d57fdf9f0-idmail-user-hash_admin.age b/secrets/rekeyed/envoy/239f1af6d431b122fe07891d57fdf9f0-idmail-user-hash_admin.age
new file mode 100644
index 0000000..1071618
--- /dev/null
+++ b/secrets/rekeyed/envoy/239f1af6d431b122fe07891d57fdf9f0-idmail-user-hash_admin.age
@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 rz300w HoQnsVVkcyaZFasO5JXGHHxMBIoOSxupWY0tNreVeys
+Wjz8Ns9/tue5JxMhq2MBC2iMhgLktIv2jTeQ5vEDo3Y
+-> D-:-grease _CE!K o4V x<\ YYr>ZN9K
+BiZxrEOLoSFc2HmOmOKnqK7Vj7KxsJkKOak41Z8AX4HZjQ+eT74dVX10SuejC5ZF
+DTGKAM8eGljUOwvbU7aghGuFI78yKqn0ncsieNAwFb4
+--- Wo9h1/P17v0i5Hb9K100Wpn7dtUNTW2M2rjNAb5RXbs
+³½¤[‰“¤RÈD‘û¾+xAO3AÆ¥£â%ÂtáDÿ,	­¹‚Ê™Û{vBBSÀ•Žž<©Þf04*v!­H‘+{¢¹)UBƒ×L
\ No newline at end of file
diff --git a/secrets/rekeyed/envoy/414aef60d7777cb6daed18e5f711b292-idmail-mailbox-hash_catch-all@477075fe5513c902.age b/secrets/rekeyed/envoy/414aef60d7777cb6daed18e5f711b292-idmail-mailbox-hash_catch-all@477075fe5513c902.age
new file mode 100644
index 0000000..3f48a3f
Binary files /dev/null and b/secrets/rekeyed/envoy/414aef60d7777cb6daed18e5f711b292-idmail-mailbox-hash_catch-all@477075fe5513c902.age differ
diff --git a/secrets/rekeyed/envoy/415227f31931ff0e3b6576bd081dbad3-idmail-mailbox-pw_catch-all@39e88e1845ef6176.age b/secrets/rekeyed/envoy/415227f31931ff0e3b6576bd081dbad3-idmail-mailbox-pw_catch-all@39e88e1845ef6176.age
new file mode 100644
index 0000000..8892a24
Binary files /dev/null and b/secrets/rekeyed/envoy/415227f31931ff0e3b6576bd081dbad3-idmail-mailbox-pw_catch-all@39e88e1845ef6176.age differ
diff --git a/secrets/rekeyed/envoy/49f8669bfcc36ab68f5fde222011430a-idmail-admin-hash.age b/secrets/rekeyed/envoy/49f8669bfcc36ab68f5fde222011430a-idmail-admin-hash.age
deleted file mode 100644
index be0e729..0000000
Binary files a/secrets/rekeyed/envoy/49f8669bfcc36ab68f5fde222011430a-idmail-admin-hash.age and /dev/null differ
diff --git a/secrets/rekeyed/envoy/5163b11b09190472c39d64146441c510-stalwart-admin-hash.age b/secrets/rekeyed/envoy/5163b11b09190472c39d64146441c510-stalwart-admin-hash.age
deleted file mode 100644
index c674fdb..0000000
--- a/secrets/rekeyed/envoy/5163b11b09190472c39d64146441c510-stalwart-admin-hash.age
+++ /dev/null
@@ -1,8 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 rz300w go7St2w4V+OeN5VgddWbw0WHuMJrZFNAE6ybU9tAbmI
-sGjDHvZO56PPiIB0CvCuR1tyk2UzObeZk4IRoi+hvWA
--> wxzPB1{z-grease {^`is<&c [D`g<
-Gurn/IfyXKKbuyKJNnlHfxwSOBKyqj3SlW3cxqcw6CwoL9Gc0UXeWlOgEHPzas9L
-v2un
---- dmrjPRsNFeNkTPWOD1MbORG3X2AuOBp1lbFIS64kPyg
-8¢²(èüyýZ\{j~ãZÉ¨ndÖHÊò´UØÆ±þw 3?nÿÅnQº÷ÌóP>P8J0¨Ã"Œ_ÉÒÜcìHt§•üßp¨Nh=8%ËHÌE¬uÍHÅrÓ.Q+uìÈp4\oÎTÆóêN[ŒnXô!ŒtÚ;z­«ù
\ No newline at end of file
diff --git a/secrets/rekeyed/envoy/607fa10823f4768ee427becfcb98e12e-idmail-mailbox-pw_catch-all@30a80c5c819a6d2f.age b/secrets/rekeyed/envoy/607fa10823f4768ee427becfcb98e12e-idmail-mailbox-pw_catch-all@30a80c5c819a6d2f.age
new file mode 100644
index 0000000..655657d
--- /dev/null
+++ b/secrets/rekeyed/envoy/607fa10823f4768ee427becfcb98e12e-idmail-mailbox-pw_catch-all@30a80c5c819a6d2f.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 rz300w 9xHKoTsXryIPchQHpj0TCkrjYzJL73X9E4PatTkpcQ4
+uznzwCWVlaSkd3TsgeUE7jIqPGEYtrorBAP6Q2ep4zY
+-> x-grease KQn7
+vP56IKkmO+GVptk+iworBsPIpT7AqnMISw8yHHhCNR2Ihy77KCjBscM
+--- fEohwNhvtx1ArxQ7L5qnFjF9UE/0SaLRGnXB2rjuW1A
+»™U•î	ÑSãœ&©EÒujÔ×n‘n¹íã÷Ü
+
+DBï¯çeËÖE^ãV+igZ¾/7µ#õï¨l“=Õú…BÿÐ­C2')÷Hq
\ No newline at end of file
diff --git a/secrets/rekeyed/envoy/65fadf7ccfb558182fa099b76c0526db-idmail-mailbox-pw_catch-all@7b098b000a97e947.age b/secrets/rekeyed/envoy/65fadf7ccfb558182fa099b76c0526db-idmail-mailbox-pw_catch-all@7b098b000a97e947.age
new file mode 100644
index 0000000..32540a7
--- /dev/null
+++ b/secrets/rekeyed/envoy/65fadf7ccfb558182fa099b76c0526db-idmail-mailbox-pw_catch-all@7b098b000a97e947.age
@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 rz300w N9mUWEbdNtvw4jZskXt2ZGzBwXxNGIcAIgQWSNtu9zw
+7iNU3zvlMWfa4iXY7BVqlCzRMaLlsC+0quWQwUYUozk
+-> P9[M-grease
+GpkRAuOj5FHe5xuzeZv6mh5PKUWMtyRqC1iVoitoE7REUB6rpJ8oXvBPo173s43G
+9vHQhmkeU1jEe/i8W/8iClm37FlPoA6OVQSmybGRiFuNWcsBOWi9l3kYn/bX
+--- mhVs9W8Q0piMYZ5JV55ayDpTC13cIdp+jfpD4cy1TK4
+±ÊÞ+‘ìN3ºvßÐi† Ì¾º¸DMf¨¨‘!%9Iâ]­éRú“ÝN%8\øšøª?ÌÀ¡Í½P–ÿít$˜ˆ%7 úqú·Ä!ÑÙ
\ No newline at end of file
diff --git a/secrets/rekeyed/envoy/69b72d5bb1fbe6b941678114b8bc3779-idmail-mailbox-pw_catch-all@cde738bc7ba35556.age b/secrets/rekeyed/envoy/69b72d5bb1fbe6b941678114b8bc3779-idmail-mailbox-pw_catch-all@cde738bc7ba35556.age
new file mode 100644
index 0000000..d50de1b
Binary files /dev/null and b/secrets/rekeyed/envoy/69b72d5bb1fbe6b941678114b8bc3779-idmail-mailbox-pw_catch-all@cde738bc7ba35556.age differ
diff --git a/secrets/rekeyed/envoy/825a81b7e683a3e0e255547043cacaed-idmail-mailbox-pw_catch-all@2171ec5b4ea361de.age b/secrets/rekeyed/envoy/825a81b7e683a3e0e255547043cacaed-idmail-mailbox-pw_catch-all@2171ec5b4ea361de.age
new file mode 100644
index 0000000..2a99490
--- /dev/null
+++ b/secrets/rekeyed/envoy/825a81b7e683a3e0e255547043cacaed-idmail-mailbox-pw_catch-all@2171ec5b4ea361de.age
@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 rz300w S826+T9SqnIU4aCCCUdse0dfyoep8biPZpPcJd9XbxE
+9hs1+nSJCo0Y6K+bPGt4Dg78WFVDwssNzrTw6o3GiJI
+-> 7W\[-grease HSm n^&7 M*nP[ uDc
+M2eA0EryPobxGD9Ekug7PhY/9Lkh9afVQMGxFQlamPkYKzdq1VZCA+e3r/+cQ5Q8
+zPicDLWHBGB6ChELz61Bx6zwZrofiSa/cZcqeXTViUzfusY
+--- fSUlFOyenk+vxDafcml8aJdVHY0MAOCU8J4Mj3Tr21o
+\½Ô­VœÖ<Þ01 l4®ÝÎÿ÷$ruáûßí§¥óWº¹ëÞúØµCÜ¹ˆÊ¿u`Õ±/úHÃefëˆíK5V.Ë)Eº›u
\ No newline at end of file
diff --git a/secrets/rekeyed/envoy/8a0a79c570fe4367032a6dc2b07b8727-stalwart-admin-pw.age b/secrets/rekeyed/envoy/8a0a79c570fe4367032a6dc2b07b8727-stalwart-admin-pw.age
new file mode 100644
index 0000000..0acc1c0
--- /dev/null
+++ b/secrets/rekeyed/envoy/8a0a79c570fe4367032a6dc2b07b8727-stalwart-admin-pw.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 rz300w 0J9u3JGS+t6kiwgInZSh6LrbgteuGuYDMAYiIXsjiS0
+eYhHL5ouC7oMuNQwhMXYYAK21tJ4aOgqnV6lveENneo
+-> qXi1$-grease 2 o}0~mZv# N|"yDa
+xJWfySLDpLi/yu14kUAB+3CWlb6jiweScOHJG23o
+--- FrqyOGzxhzWInvDZes975yLYXR0s6Om/tdVPQqZsKCs
+Æp:qŽ CÀÑBŠ$7Æö=ñõ­…~ÂDÑ2!+t˜wþØ€'ó(þ/à‡ø@	BÌžÇ­ÃüÅ^"Ñ¼l_À&I®;¸udú‹Éÿû]Æ
\ No newline at end of file
diff --git a/secrets/rekeyed/envoy/8b788b5e8f46ee2858a4b0593d038152-idmail-mailbox-hash_catch-all@39e88e1845ef6176.age b/secrets/rekeyed/envoy/8b788b5e8f46ee2858a4b0593d038152-idmail-mailbox-hash_catch-all@39e88e1845ef6176.age
new file mode 100644
index 0000000..94380df
Binary files /dev/null and b/secrets/rekeyed/envoy/8b788b5e8f46ee2858a4b0593d038152-idmail-mailbox-hash_catch-all@39e88e1845ef6176.age differ
diff --git a/secrets/rekeyed/envoy/98f465c979b3c50466d381121cd46cab-idmail-mailbox-hash_catch-all@cde738bc7ba35556.age b/secrets/rekeyed/envoy/98f465c979b3c50466d381121cd46cab-idmail-mailbox-hash_catch-all@cde738bc7ba35556.age
new file mode 100644
index 0000000..3f3991d
--- /dev/null
+++ b/secrets/rekeyed/envoy/98f465c979b3c50466d381121cd46cab-idmail-mailbox-hash_catch-all@cde738bc7ba35556.age
@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> ssh-ed25519 rz300w Z9bxq/m67wt27YLFMGDc/mRCwpOYWoyleE1kq6ULF2w
+TC9+IRTAIoZyK4Zf9c3WO29r7Ofzey5oMXib/LmQblQ
+-> Gp"-grease hzbGw mS [pe
+LKBfjRckJwOjFNHjltM/O+16s+K/tzItw4I3+JOCPQZ1eA
+--- ygl3F9EOdj2RhG5GADVUbguGvWIPxvRTJsWHnT2hbys
+¤”·ú6Àþ¨ÙãëgÃ :²2{ƒü3RA*úŠ›¡¶R0©aÂ‹”\U@>	ÌD?€‚¼d`;ÚX®äà±cGïïç—âgŸ/“{º€=Ã¦~cx]ønïš3xºWt”‰jñ£Çy{ÁÙŸó6[÷•öÚ‰pÒ¯»I/7X¦~ÿñ]ÍµGr	J§‹sÆÄd_ øSä|FÌÜÿàs˜%XU†y!
+ª•ŒæÍÄ<®³‡@!£jÄ’K14ÐÓO6Ât]#7ªÃD´Ÿ%Fs#cðH¦ã1~Š,N¤[Š+A'-y²ýCÑŽñÎˆÅHW!©˜hMÁ·éŽ	cÏ45‰ªLBâÕ&"‹æL…ï
+ç¹Î-0º}£sþî`!Íûà€¯Ùff
+Dm×û?
\ No newline at end of file
diff --git a/secrets/rekeyed/envoy/acf0b090d94289aa33a7abe02bb4b0e1-idmail-mailbox-pw_catch-all@b3ad8b0f0313feef.age b/secrets/rekeyed/envoy/acf0b090d94289aa33a7abe02bb4b0e1-idmail-mailbox-pw_catch-all@b3ad8b0f0313feef.age
new file mode 100644
index 0000000..4270d60
--- /dev/null
+++ b/secrets/rekeyed/envoy/acf0b090d94289aa33a7abe02bb4b0e1-idmail-mailbox-pw_catch-all@b3ad8b0f0313feef.age
@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 rz300w EJmmMDqhjpdje5w2XhXrTEmf7bM+z7nSOWBkdaDF41w
+QTTc70EUolP/ED6dzSbmMlkGUH0tufl1nDw89Naamsg
+-> kh!x-grease V \ZB/O j*.b6m'
+elk7wq0IFo0Wz03+g4Lh
+--- P6ertGMfxGfckpYEcjd996vcGoRKAinM+k1dV/ExcOc
+Žï8¨W¯ÍÉY;¢Ì_ì£û®ÑÉ_÷SV¸:…p"	žVÜŽÐž­©~õý§L…[•ÜÕxoaœŽ›”
+YF·ük?]¥+˜d“À
\ No newline at end of file
diff --git a/secrets/rekeyed/envoy/b9197385e28d009cf8ac7eeb1925f062-idmail-mailbox-hash_catch-all@2171ec5b4ea361de.age b/secrets/rekeyed/envoy/b9197385e28d009cf8ac7eeb1925f062-idmail-mailbox-hash_catch-all@2171ec5b4ea361de.age
new file mode 100644
index 0000000..dca84e6
Binary files /dev/null and b/secrets/rekeyed/envoy/b9197385e28d009cf8ac7eeb1925f062-idmail-mailbox-hash_catch-all@2171ec5b4ea361de.age differ
diff --git a/secrets/rekeyed/envoy/baa0cd6fc5d610bf012834323d0febcb-stalwart-admin-hash.age b/secrets/rekeyed/envoy/baa0cd6fc5d610bf012834323d0febcb-stalwart-admin-hash.age
new file mode 100644
index 0000000..76e9639
Binary files /dev/null and b/secrets/rekeyed/envoy/baa0cd6fc5d610bf012834323d0febcb-stalwart-admin-hash.age differ
diff --git a/secrets/rekeyed/envoy/c738bec281d57a1c1e7a8510949100da-idmail-mailbox-hash_catch-all@30a80c5c819a6d2f.age b/secrets/rekeyed/envoy/c738bec281d57a1c1e7a8510949100da-idmail-mailbox-hash_catch-all@30a80c5c819a6d2f.age
new file mode 100644
index 0000000..af03987
Binary files /dev/null and b/secrets/rekeyed/envoy/c738bec281d57a1c1e7a8510949100da-idmail-mailbox-hash_catch-all@30a80c5c819a6d2f.age differ
diff --git a/secrets/rekeyed/envoy/dceddc3043473dfa8d8c1976e9810622-idmail-mailbox-pw_catch-all@477075fe5513c902.age b/secrets/rekeyed/envoy/dceddc3043473dfa8d8c1976e9810622-idmail-mailbox-pw_catch-all@477075fe5513c902.age
new file mode 100644
index 0000000..17ed851
--- /dev/null
+++ b/secrets/rekeyed/envoy/dceddc3043473dfa8d8c1976e9810622-idmail-mailbox-pw_catch-all@477075fe5513c902.age
@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 rz300w SQoLq+Es6/NvmUCwNaPSMloLPpQ9GKbu6UES2VP03VU
+Dzn8KF4fDL+NnIO3iOSiC/K0w4RGxau00v0oLbpDLOE
+-> Whx!)}-grease
+CQXmmH5hUagWqNhk
+--- hUTqCDD4arRwuHf3O1BAbiUxqopLpib1gJRkxqh37RA
+>»ÃÁ+!‘ÜjÞÀdúÕøë¹HómÙž¨eÞ=³qI¤Ž£S¬×G@i>´¨ë½¥ËÆ «,
+ÔEFOýØº'žog•³Ñ”-ÍÈ1FVÊ¸
\ No newline at end of file
diff --git a/secrets/rekeyed/envoy/e31e38256af974e40952071d88c6732f-idmail-mailbox-hash_catch-all@b3ad8b0f0313feef.age b/secrets/rekeyed/envoy/e31e38256af974e40952071d88c6732f-idmail-mailbox-hash_catch-all@b3ad8b0f0313feef.age
new file mode 100644
index 0000000..6f5d54d
Binary files /dev/null and b/secrets/rekeyed/envoy/e31e38256af974e40952071d88c6732f-idmail-mailbox-hash_catch-all@b3ad8b0f0313feef.age differ
diff --git a/secrets/rekeyed/envoy/ef5fc4197f5f066ec09387f4769f0cd2-idmail-mailbox-hash_catch-all@5b58b7c64bdf6ac8.age b/secrets/rekeyed/envoy/ef5fc4197f5f066ec09387f4769f0cd2-idmail-mailbox-hash_catch-all@5b58b7c64bdf6ac8.age
new file mode 100644
index 0000000..f77df64
Binary files /dev/null and b/secrets/rekeyed/envoy/ef5fc4197f5f066ec09387f4769f0cd2-idmail-mailbox-hash_catch-all@5b58b7c64bdf6ac8.age differ