diff --git a/README.md b/README.md
index f5d6898..ce047b8 100644
--- a/README.md
+++ b/README.md
@@ -20,6 +20,7 @@ pwgen -s 64 1; ./scripts/genpw.py # input password & get hashed output for secre
 printf <...> | docker secret create gp_monitoring_loki_admin_password_v1 -
 
 printf <...> | docker secret create gp_monitoring_alertmanager_smtp_password_v1 -
+printf <...> | docker secret create gp_monitoring_grafana_smtp_password_v1 -
 
 set -a && source env && set +a
 docker context use monitor.autonomic.zone
diff --git a/compose.yml b/compose.yml
index 14f828a..dc8fc88 100644
--- a/compose.yml
+++ b/compose.yml
@@ -9,6 +9,7 @@ services:
     secrets:
       - grafana_admin_password
       - grafana_oauth_client_secret
+      - grafana_smtp_password
     configs:
       - source: grafana_custom_ini
         target: /etc/grafana/grafana.ini
@@ -189,6 +190,9 @@ secrets:
   grafana_oauth_client_secret:
     external: true
     name: ${STACK_NAME}_grafana_oauth_client_secret_${SECRET_GRAFANA_OAUTH_CLIENT_SECRET_VERSION}
+  grafana_smtp_password:
+    external: true
+    name: ${STACK_NAME}_grafana_smtp_password_${SECRET_GRAFANA_SMTP_PASSWORD_VERSION}
   prometheus_admin_password_hashed:
     external: true
     name: ${STACK_NAME}_prometheus_admin_password_hashed_${SECRET_PROMETHEUS_ADMIN_PASSWORD_HASHED_VERSION}
diff --git a/env b/env
index 43511ed..387edd9 100644
--- a/env
+++ b/env
@@ -40,7 +40,7 @@ GRAFANA_DASHBOARDS_YML_VERSION=v1
 GRAFANA_SWARM_DASHBOARD_JSON_VERSION=v1
 GRAFANA_STACKS_DASHBOARD_JSON_VERSION=v1
 GRAFANA_TRAEFIK_DASHBOARD_JSON_VERSION=v1
-GRAFANA_CUSTOM_INI_VERSION=v2
+GRAFANA_CUSTOM_INI_VERSION=v3
 PROMETHEUS_WEB_YML_VERSION=v2
 ALERTMANAGER_CONFIG_VERSION=v2
 NGINX_CONFIG_VERSION=v5
@@ -60,5 +60,10 @@ SECRET_LOKI_ADMIN_PASSWORD_HASHED_VERSION=v1
 SECRET_SWARM_DEMO_ADMIN_PASSWORD_VERSION=v1
 
 ALERTMANAGER_SMTP_FROM=noreply@autonomic.zone
-ALERTMANAGER_SMTP_HOST=mail.gandi.net:465
+ALERTMANAGER_SMTP_HOST=mail.gandi.net:587
 ALERTMANAGER_SMTP_TO=kaboom@autonomic.zone
+
+GRAFANA_SMTP_HOST=mail.gandi.net:587
+GRAFANA_SMTP_USER=noreply@autonomic.zone
+GRAFANA_SMTP_FROM_ADDRESS=noreply@autonomic.zone
+SECRET_GRAFANA_SMTP_PASSWORD_VERSION=v1
diff --git a/grafana_custom.ini b/grafana_custom.ini
index cd1c546..234b33a 100644
--- a/grafana_custom.ini
+++ b/grafana_custom.ini
@@ -28,3 +28,11 @@ enabled = false
 
 [plugins]
 enable_alpha = true
+
+[smtp]
+enabled = true
+host = {{ env "GRAFANA_SMTP_HOST" }}
+user = {{ env "GRAFANA_SMTP_USER" }}
+password = {{ secret "grafana_smtp_password" }}
+from_address = {{ env "GRAFANA_FROM_ADDRESS" }}
+startTLS_policy = MandatoryStartTLS