diff --git a/volumes/conf.d/mail.zinomedia.de.conf b/volumes/conf.d/mail.zinomedia.de.conf
new file mode 100644
index 0000000..1d38096
--- /dev/null
+++ b/volumes/conf.d/mail.zinomedia.de.conf
@@ -0,0 +1,54 @@
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name mail.zinomedia.de autodiscover.* autoconfig.*;
+
+    ssl_certificate /opt/mailcow-dockerized/data/assets/ssl/cert.pem;
+    ssl_certificate_key /opt/mailcow-dockerized/data/assets/ssl/key.pem;
+    ssl_session_timeout 1d;
+    ssl_session_cache shared:SSL:50m;
+    ssl_session_tickets off;
+
+    ssl_protocols TLSv1.2;
+    ssl_ciphers HIGH:!aNULL:!MD5:!SHA1:!kRSA;
+    ssl_prefer_server_ciphers off;
+
+    resolver 127.0.0.11;
+
+    location /Microsoft-Server-ActiveSync {
+        set $upstream_mailcow "http://127.0.0.1:8080/Microsoft-Server-ActiveSync";
+
+        proxy_pass $upstream_mailcow;
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_connect_timeout 75;
+        proxy_send_timeout 3650;
+        proxy_read_timeout 3650;
+        proxy_buffers 64 512k;
+        client_body_buffer_size 512k;
+        client_max_body_size 0;
+    }
+
+    location / {
+        set $upstream_mailcow "http://127.0.0.1:8080/";
+
+        proxy_pass $upstream_mailcow;
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        client_max_body_size 0;
+        proxy_buffer_size 128k;
+        proxy_buffers 64 512k;
+        proxy_busy_buffers_size 512k;
+    }
+}
+
+server {
+    listen 80 default_server;
+    listen [::]:80 default_server;
+    server_name mail.zinomedia.de autodiscover.* autoconfig.*;
+    return 301 https://$host$request_uri;
+}
\ No newline at end of file