diff --git a/core/nginx/conf/nginx.conf b/core/nginx/conf/nginx.conf index 9ad7019b..5b7f9bac 100644 --- a/core/nginx/conf/nginx.conf +++ b/core/nginx/conf/nginx.conf @@ -18,9 +18,16 @@ http { keepalive_timeout 65; server_tokens off; absolute_redirect off; + resolver {{ RESOLVER }} valid=30s; # Main HTTP server server { + # Variables for proxifying + set $admin admin; + set $antispam antispam:11334; + set $webmail webmail; + set $webdav webdav:5232; + # Always listen over HTTP listen 80; listen [::]:80; @@ -44,7 +51,7 @@ http { # In any case, enable the proxy for certbot if the flavor is letsencrypt {% if TLS_FLAVOR == 'letsencrypt' %} location ^~ /.well-known/acme-challenge/ { - proxy_pass http://localhost:8008; + proxy_pass http://127.0.0.1:8008; } {% endif %} @@ -64,7 +71,8 @@ http { location {{ WEB_WEBMAIL }} { rewrite ^({{ WEB_WEBMAIL }})$ $1/ permanent; rewrite ^{{ WEB_WEBMAIL }}/(.*) /$1 break; - proxy_pass http://webmail; + proxy_set_header Host $host; + proxy_pass http://$webmail; } {% endif %} @@ -76,7 +84,8 @@ http { location ~ {{ WEB_ADMIN }}/(ui|static) { rewrite ^{{ WEB_ADMIN }}/(.*) /$1 break; proxy_set_header X-Forwarded-Prefix {{ WEB_ADMIN }}; - proxy_pass http://admin; + proxy_set_header Host $host; + proxy_pass http://$admin; } location {{ WEB_ADMIN }}/antispam { @@ -84,14 +93,14 @@ http { auth_request /internal/auth/admin; proxy_set_header X-Real-IP ""; proxy_set_header X-Forwarded-For ""; - proxy_pass http://antispam:11334; + proxy_pass http://$antispam; } {% endif %} {% if WEBDAV != 'none' %} location /webdav { rewrite ^/webdav/(.*) /$1 break; - proxy_pass http://webdav:5232; + proxy_pass http://$webdav; } {% endif %} {% endif %} @@ -99,7 +108,7 @@ http { location /internal { internal; - proxy_pass http://admin; + proxy_pass http://$admin; proxy_pass_request_body off; proxy_set_header Content-Length ""; } 
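Review bot: The added `resolver {{ RESOLVER }} valid=30s;` makes every variable-based `proxy_pass` in this file depend on request-time DNS answers from the first nameserver in resolv.conf, and that includes the `auth_request` backend behind `$admin`. nginx's resolver sends unauthenticated DNS queries and does not apply resolv.conf search domains. The single-label names set here (`admin`, `antispam`, `webmail`, `webdav`) are therefore only safe when that server is a trusted local one, such as the container runtime's embedded DNS. I would state that requirement next to the directive, for example `# RESOLVER must be a trusted local DNS server: upstream names are resolved at request time`.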
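Review bot: `proxy_set_header Host $host;` in the `{{ WEB_WEBMAIL }}` location, and again in the `{{ WEB_ADMIN }}/(ui|static)` location in the next hunk, forwards a client-influenced host name to backends that previously received the fixed upstream name. If webmail or admin build absolute URLs or redirects from the Host header, a forged Host can steer them. The `server_name` handling of this server block is outside the diff, so it is unclear whether unknown hosts are rejected first. Consider pinning the header to the configured hostname, or at least adding `# Host is client-supplied; backends must not trust it when generating links` above the directive.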
@@ -110,7 +119,7 @@ http { listen 127.0.0.1:8000; location / { - proxy_pass http://admin/internal/; + proxy_pass http://$admin/internal/; } } } diff --git a/core/nginx/config.py b/core/nginx/config.py index 5bd41870..7650aa71 100755 --- a/core/nginx/config.py +++ b/core/nginx/config.py @@ -7,6 +7,13 @@ convert = lambda src, dst, args: open(dst, "w").write(jinja2.Template(open(src). args = os.environ.copy() +# Get the first DNS server +with open("/etc/resolv.conf") as handle: + content = handle.read().split() + args["RESOLVER"] = content[content.index("nameserver") + 1] + + +# TLS configuration args["TLS"] = { "cert": ("/certs/cert.pem", "/certs/key.pem"), "mail": ("/certs/cert.pem", "/certs/key.pem"), @@ -20,6 +27,7 @@ if args["TLS"] and not all(os.path.exists(file_path) for file_path in args["TLS" args["TLS_ERROR"] = "yes" +# Build final configuration paths convert("/conf/tls.conf", "/etc/nginx/tls.conf", args) convert("/conf/nginx.conf", "/etc/nginx/nginx.conf", args) os.system("nginx -s reload")
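Review bot: `proxy_pass http://$admin/internal/;` is unlikely to behave like the line it replaces, for two reasons. `$admin` is assigned by the `set` directives added to the main HTTP server block, but this location sits under `listen 127.0.0.1:8000;`, which appears to be a separate server block (its opening lines are outside the hunk); `set` only runs in the server that contains it, so the variable would be empty here. Also, when `proxy_pass` combines a variable with a URI part, nginx sends that URI as written instead of mapping the request path onto it, so every request would reach `/internal/` exactly. Suggested: add `set $admin admin;` inside this server block and use `proxy_pass http://$admin/internal$request_uri;`.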
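Review bot: The resolv.conf parsing in config.py takes whatever token follows the first occurrence of the word `nameserver` and writes it unvalidated into nginx.conf. A comment containing that word, or a file with no nameserver entry, gives a wrong value or an unhandled ValueError. An IPv6 nameserver is emitted without the square brackets that nginx's `resolver` directive requires. I would parse line by line, accept only lines whose first field is `nameserver`, and validate the address with the standard-library `ipaddress` module (which needs importing at the top of the file) before it reaches the template.

```python
# Get the first DNS server, ignoring comments and validating the address
with open("/etc/resolv.conf") as handle:
    nameservers = [
        fields[1]
        for fields in (line.split() for line in handle)
        if len(fields) >= 2 and fields[0] == "nameserver"
    ]
if not nameservers:
    raise SystemExit("no nameserver entry found in /etc/resolv.conf")
# ip_address() raises ValueError for anything that is not an IP literal
address = ipaddress.ip_address(nameservers[0])
# nginx requires IPv6 resolver addresses in square brackets
args["RESOLVER"] = "[{}]".format(address) if address.version == 6 else str(address)

# … unchanged: TLS configuration and convert() calls …
```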