diff --git a/nixos/modules/mailman.nix b/nixos/modules/mailman.nix
index 4730008..7e07a4e 100644
--- a/nixos/modules/mailman.nix
+++ b/nixos/modules/mailman.nix
@@ -37,7 +37,7 @@ in {
 proxy_interfaces = "130.83.2.184";
 smtputf8_enable = "no"; # HRZ does not know SMTPUTF8
 };
-relayHost = "mailout.hrz.tu-darmstadt.de"; # Relay to HRZ (see https://www.hrz.tu-darmstadt.de/services/it_services/email_infrastruktur/index.de.jsp)
+relayHost = "mailout.hrz.tu-darmstadt.de"; # Relay to HRZ
 };
 mailman = {
 enable = true;
@@ -45,12 +45,11 @@ in {
 hyperkitty.enable = true;
 webHosts = [cfg.hostName];
 serve.enable = true;
 #
-# Don't include confirmation tokens in reply addresses, because we would need to send them to HRZ otherwise.
 settings.mta.verp_confirmations = "no";
 };
 nginx.virtualHosts.${cfg.hostName} = {
-enableACME = true; # Get certificates (primarily for postfix)
-forceSSL = false; # Don't use HTTPS behind the proxy
+enableACME = true;
+forceSSL = false;
 };
 };
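Review bot: The rationale for `forceSSL = false` and for `settings.mta.verp_confirmations = "no"` disappears with the comments removed in the second hunk, and a bare `#` line is left standing above the verp_confirmations setting. Both values are non-obvious — an ACME-enabled host that deliberately does not redirect to HTTPS, and confirmation tokens kept out of reply addresses — so a short why-comment on each is worth keeping, e.g. `forceSSL = false; # Don't use HTTPS behind the proxy` and `# Keep confirmation tokens out of reply addresses; they would otherwise be sent to HRZ`. The bare `#` should either go or carry that sentence. The enclosing attribute set starts before this hunk.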
@@ -68,23 +67,22 @@ in {
 networking.firewall.allowedTCPPorts = [25 80 443];
 
 # Update HRZ allowlist
-# For account details see https://www-cgi.hrz.tu-darmstadt.de/mail/
-# will stop working if no valid TUIDs are associated to our domain.
+#
 systemd.timers."mailAllowlist" = {
 wantedBy = ["timers.target"];
 timerConfig = {
 OnBootSec = "5m"; # Run every 5 minutes
 OnUnitActiveSec = "5m";
-RandomizedDelaySec = "2m"; # prevent overload on regular intervals
+RandomizedDelaySec = "1m"; # Randomized delay
 Unit = "mailAllowlist.service";
 };
 };
 systemd.services."mailAllowlist" = {
-description = "Allowlist update: Post the mail addresses used by mailman to the HRZ allowllist";
+description = "Post the mail addresses used by mailman to the HRZ allow list";
 script = ''
-# Get the mail addresses' local-part
+# Parse addresses
 cut -d '@' -f 1 /var/lib/mailman/data/postfix_lmtp | grep -v '#' | grep "\S" > /tmp/addresses
-# Post local-parts to HRZ
+# Post addresses to HRZ
 ${pkgs.curl}/bin/curl https://www-cgi.hrz.tu-darmstadt.de/mail/whitelist-update.php -F emaildomain=lists.mathebau.de -F password=$(cat /run/secrets/allowlistPass) -F emailliste=@/tmp/addresses -F meldungen=voll
 # Cleanup
 rm /tmp/addresses
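Review bot: The allowlist password is still expanded onto curl's argument list at `-F password=$(cat /run/secrets/allowlistPass)` in the service script, where it is visible in the process list for the duration of the request; curl can read a form field's value from a file instead, `-F password=</run/secrets/allowlistPass`, which keeps the secret off the command line. The address list is written to the fixed path `/tmp/addresses` in the shared tmp directory, so `serviceConfig.PrivateTmp = true` on the unit (or a `mktemp` path) would keep another local user from pre-creating or reading it — the unit's serviceConfig, if it has one, is outside the hunk. The added `+#` keeps an empty comment where the account-details note was; either drop the line or say what replaces the dependency on valid TUIDs. `# Randomized delay` on RandomizedDelaySec only restates the key, while the removed `prevent overload on regular intervals` explained why it is set.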