diff --git a/roles/web-app-keycloak/tasks/main.yml b/roles/web-app-keycloak/tasks/main.yml
index bb98d3d5..2705d5ee 100644
--- a/roles/web-app-keycloak/tasks/main.yml
+++ b/roles/web-app-keycloak/tasks/main.yml
@@ -58,6 +58,24 @@
         }}
   include_tasks: _update.yml
 
+- name: "Update REALM mail settings"
+  include_tasks: _update.yml
+  vars:
+    kc_object_kind: "realm"
+    kc_lookup_field: "id"
+    kc_lookup_value: "{{ KEYCLOAK_REALM }}"
+    kc_desired:
+      smtpServer:
+        from: "no-reply@{{ DEFAULT_SYSTEM_EMAIL.DOMAIN }}"
+        fromDisplayName: "{{ SOFTWARE_NAME | default('Infinito.Nexus') }}"
+        host: "{{ DEFAULT_SYSTEM_EMAIL.HOST }}"
+        port: "{{ DEFAULT_SYSTEM_EMAIL.PORT }}"
+        # Keycloak expects strings "true"/"false"
+        ssl: "{{ 'true' if not DEFAULT_SYSTEM_EMAIL.START_TLS and DEFAULT_SYSTEM_EMAIL.TLS else 'false' }}"
+        starttls: "{{ 'true' if DEFAULT_SYSTEM_EMAIL.START_TLS else 'false' }}"
+        user: "{{ DEFAULT_SYSTEM_EMAIL.USER | default('') }}"
+        password: "{{ DEFAULT_SYSTEM_EMAIL.PASSWORD | default('') }}"
+
 - include_tasks: 05_rbac_client_scope.yml
 
 - include_tasks: 06_ldap.yml