diff --git a/content/posts/linux/Slightly Improving Mailcow Security.md b/content/posts/linux/Slightly Improving Mailcow Security.md index 1c09f87..320070b 100644 --- a/content/posts/linux/Slightly Improving Mailcow Security.md +++ b/content/posts/linux/Slightly Improving Mailcow Security.md 
@@ -68,16 +68,29 @@ add_header Permissions-Policy "accelerometer=(), ambient-light-sensor=(), autopl Use the following as your [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP#:~:text=Content%20Security%20Policy%20(CSP)%20is,site%20defacement%2C%20to%20malware%20distribution.): +#### If you use Gravatar with SOGo + ``` -add_header Content-Security-Policy "default-src 'none'; connect-src 'self' https://api.github.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://www.gravatar.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'"; +add_header Content-Security-Policy "default-src 'none'; connect-src 'self' https://api.github.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'"; +``` + +#### If you do not use Gravatar with SOGo + +``` +add_header Content-Security-Policy "default-src 'none'; connect-src 'self' https://api.github.com https://www.gravatar.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://www.gravatar.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'"; ``` ### CORP, COEP, COOP -Mailcow does not use any cross site scripts, images, or documents. Thus, you should set these headers to their strictest configuration: +Mailcow does not use any cross site scripts, or documents. 
Thus, you should set CORP and COOP headers to their strictest configuration: ``` add_header Cross-Origin-Opener-Policy same-origin; -add_header Cross-Origin-Embedder-Policy require-corp; add_header Cross-Origin-Resource-Policy same-origin; +``` + +If you do not use Gravatar with SOGo, you can also set COEP to require-corp: + +``` +add_header Cross-Origin-Embedder-Policy require-corp; ``` \ No newline at end of file
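Review bot: the two CSP variants appear to sit under the wrong headings. The block under "#### If you use Gravatar with SOGo" is the one that removes `https://www.gravatar.com` from `img-src`, while the block under "#### If you do not use Gravatar with SOGo" is the one that adds `https://www.gravatar.com` to both `connect-src` and `img-src`. Readers who use Gravatar would copy the policy that blocks it and break avatar loading, and readers who do not would allow an origin they never contact. Swap the two headings (or the two `add_header` lines) so the Gravatar-permitting policy sits under the "If you use Gravatar" heading, matching the later COEP paragraph, which correctly ties `require-corp` to the no-Gravatar case. Minor: "Mailcow does not use any cross site scripts, or documents." has a stray comma before "or".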