diff --git a/roles/authelia/tasks/main.yml b/roles/authelia/tasks/main.yml
index 9a6747a..181810b 100644
--- a/roles/authelia/tasks/main.yml
+++ b/roles/authelia/tasks/main.yml
@@ -93,7 +93,7 @@
 authelia_smtp_password: "{{ AUTHELIA_SMTP_PASSWORD | default(lookup('env', 'AUTHELIA_SMTP_PASSWORD') | default('', true), true) }}"
 authelia_smtp_sender: "{{ AUTHELIA_SMTP_SENDER | default(lookup('env', 'AUTHELIA_SMTP_SENDER') | default('', true), true) }}"
 authelia_smtp_identifier: "{{ AUTHELIA_SMTP_IDENTIFIER | default(lookup('env', 'AUTHELIA_SMTP_IDENTIFIER') | default('localhost', true), true) }}"
- authelia_smtp_startup_check_address: "{{ AUTHELIA_SMTP_STARTUP_CHECK_ADDRESS | default(lookup('env', 'AUTHELIA_SMTP_STARTUP_CHECK_ADDRESS') | default('', true), true) }}"
+ authelia_smtp_startup_check_address: "{{ AUTHELIA_SMTP_STARTUP_CHECK_ADDRESS | default(lookup('env', 'AUTHELIA_SMTP_STARTUP_CHECK_ADDRESS') | default('admin@' + auth_hostname, true), true) }}"
 no_log: true
 
 - name: Fail if Authelia SMTP address is missing
@@ -101,6 +101,12 @@
 msg: "AUTHELIA_SMTP_ADDRESS is required"
 when: authelia_smtp_address | length == 0
 
+ - name: Disable SMTP auth for internal Postfix connections
+ set_fact:
+ authelia_smtp_username: ""
+ authelia_smtp_password: ""
+ when: "'postfix:' in authelia_smtp_address or 'localhost:' in authelia_smtp_address or '127.0.0.1:' in authelia_smtp_address"
+
 - name: Fail if Authelia SMTP username/password pairing is invalid
 fail:
 msg: "AUTHELIA_SMTP_USERNAME and AUTHELIA_SMTP_PASSWORD must both be set, or both be empty"
diff --git a/roles/authelia/templates/configuration.yml.j2 b/roles/authelia/templates/configuration.yml.j2
index 8c367ca..a666f36 100644
--- a/roles/authelia/templates/configuration.yml.j2
+++ b/roles/authelia/templates/configuration.yml.j2
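Review bot: The new default `'admin@' + auth_hostname` only takes effect when Authelia's SMTP startup check runs, and the configuration.yml.j2 hunk in this same commit hard-codes `disable_startup_check: true`, so as committed this default is never exercised; either keep the startup check configurable or drop the default so the role does not carry a setting that looks effective but is dead. Separately, `+` in Jinja raises if `auth_hostname` is undefined or not a string, and the failure surfaces inside a `no_log: true` task where the result is censored; `'admin@' ~ auth_hostname` is the conventional, coercing form for string building in Ansible. The enclosing `set_fact` task starts outside the hunk.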
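Review bot: The `when` on the new "Disable SMTP auth for internal Postfix connections" task is a substring test, so any address that merely contains `postfix:`, `localhost:` or `127.0.0.1:` (a hostname ending in `localhost`, or a user part in front of the host) silently discards credentials the operator deliberately set, and the pairing check that follows then passes trivially. Comparing the host part exactly is stricter and easier to read: `when: "(authelia_smtp_address | regex_replace(':[0-9]+$', '')) in ['postfix', 'localhost', '127.0.0.1']"`. It would also help to record the outcome in a fact (name proposed: `authelia_smtp_internal`) so the template can gate its TLS settings on the same decision instead of repeating the test.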
@@ -53,7 +53,7 @@ storage:
 path: '/config/db.sqlite3'
 
 notifier:
- disable_startup_check: {{ authelia_notifier_disable_startup_check | ternary('true', 'false') }}
+ disable_startup_check: true
 {% if authelia_notifier_type == 'filesystem' %}
 filesystem:
 filename: '/config/notification.txt'
@@ -61,12 +61,16 @@ notifier:
 smtp:
 address: "{{ authelia_smtp_address }}"
 timeout: '5s'
+{% if authelia_smtp_username | length > 0 %}
 username: "{{ authelia_smtp_username }}"
 password: "{{ authelia_smtp_password }}"
+{% endif %}
 sender: "{{ authelia_smtp_sender }}"
 identifier: "{{ authelia_smtp_identifier }}"
 subject: "[Authelia] {title}"
 startup_check_address: "{{ authelia_smtp_startup_check_address }}"
+ tls:
+ skip_verify: true
 {% endif %}
 
 authentication_backend:
diff --git a/roles/authelia/templates/docker-compose.yml.j2 b/roles/authelia/templates/docker-compose.yml.j2
index b0c1f43..c21f0ad 100644
--- a/roles/authelia/templates/docker-compose.yml.j2
+++ b/roles/authelia/templates/docker-compose.yml.j2
@@ -6,6 +6,14 @@ services:
 networks:
 - proxy
 restart: unless-stopped
+ security_opt:
+ - no-new-privileges:true
+ healthcheck:
+ test: ["CMD", "wget", "-qO-", "http://localhost:9091/api/health"]
+ interval: 30s
+ timeout: 3s
+ retries: 3
+ start_period: 10s
 
 networks:
 proxy:
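Review bot: Hard-coding `disable_startup_check: true` removes the only early signal that the notifier is unreachable or misconfigured; password-reset and second-factor enrolment mail then fails at first use rather than at container start, which is exactly when nobody is watching. The variable `authelia_notifier_disable_startup_check` (presumably still declared in the role defaults, outside this diff) becomes unused. Keep the variable and move the new behaviour into its default instead: `disable_startup_check: {{ authelia_notifier_disable_startup_check | default(true) | ternary('true', 'false') }}`.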
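Review bot: `skip_verify: true` is emitted for every SMTP notifier, not only the internal Postfix case that tasks/main.yml detects, so an operator pointing Authelia at an external provider with a username and password sends those credentials and every reset/enrolment mail over a TLS session whose server certificate is never checked, and an on-path device on the egress network can terminate it transparently. Gate it on a variable that defaults to off, e.g. `skip_verify: {{ authelia_smtp_tls_skip_verify | default(false) | ternary('true', 'false') }}` (variable name proposed), and set that variable only where the internal-relay detection in the tasks file fires. The `{% if %}` branch selecting the smtp notifier type presumably opens outside the hunk; only its `{% endif %}` is visible here.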
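Review bot: The compose `healthcheck` overrides whatever HEALTHCHECK the image declares, and its `test` assumes a `wget` binary is present in the container; if the image is later switched to a slimmer variant the service is reported unhealthy forever while `restart: unless-stopped` keeps it running. If I recall correctly the upstream authelia image ships its own `/app/healthcheck.sh` with a longer start period; confirm against the image tag in use and either call that script or document why the override is needed. Port 9091 is hard-coded here; if the role templates the listen port elsewhere, reuse that variable. `no-new-privileges:true` is a good addition; `cap_drop: [ALL]` and `read_only: true` (with a writable mount for `/config`) would complete the hardening once the write paths are verified.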