diff --git a/app/src/main/java/eu/faircode/email/DnsHelper.java b/app/src/main/java/eu/faircode/email/DnsHelper.java
index 305ab4dc68..ee1f0c7c91 100644
--- a/app/src/main/java/eu/faircode/email/DnsHelper.java
+++ b/app/src/main/java/eu/faircode/email/DnsHelper.java
@@ -20,6 +20,7 @@ package eu.faircode.email;
 */
 
 import android.content.Context;
+import android.content.SharedPreferences;
 import android.net.ConnectivityManager;
 import android.net.DnsResolver;
 import android.net.LinkProperties;
@@ -28,6 +29,7 @@ import android.os.Build;
 import android.text.TextUtils;
 
 import androidx.annotation.NonNull;
+import androidx.preference.PreferenceManager;
 
 import org.minidns.AbstractDnsClient;
 import org.minidns.DnsClient;
@@ -328,29 +330,6 @@ public class DnsHelper {
         }
     }
 
-    private static List<String> getDnsServers(Context context) {
-        List<String> result = new ArrayList<>();
-        result.add(DEFAULT_DNS);
-
-        ConnectivityManager cm = Helper.getSystemService(context, ConnectivityManager.class);
-        if (cm == null)
-            return result;
-
-        Network active = ConnectionHelper.getActiveNetwork(context);
-        if (active == null)
-            return result;
-
-        LinkProperties props = cm.getLinkProperties(active);
-        if (props == null)
-            return result;
-
-        List<InetAddress> dns = props.getDnsServers();
-        for (int i = 0; i < dns.size(); i++)
-            result.add(i, dns.get(i).getHostAddress());
-
-        return result;
-    }
-
     static InetAddress getByName(Context context, String host) throws UnknownHostException {
         return InetAddress.getByName(host);
     }
@@ -384,6 +363,49 @@ public class DnsHelper {
             throw new CertificateException("DANE missing or invalid");
     }
 
+    private static List<String> getDnsServers(Context context) {
+        List<String> result = new ArrayList<>();
+
+        SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(context);
+        String dns_extra = prefs.getString("dns_extra", null);
+        if (TextUtils.isEmpty(dns_extra))
+            return result;
+
+        String[] extras = dns_extra.replaceAll("\\s+", "").split(",");
+        for (String extra : extras)
+            if (ConnectionHelper.isNumericAddress(extra))
+                result.add(extra);
+            else
+                Log.w("DNS extra invalid=" + extra);
+
+        result.addAll(_getDnsServers(context));
+
+        return result;
+    }
+
+    private static List<String> _getDnsServers(Context context) {
+        List<String> result = new ArrayList<>();
+        result.add(DEFAULT_DNS);
+
+        ConnectivityManager cm = Helper.getSystemService(context, ConnectivityManager.class);
+        if (cm == null)
+            return result;
+
+        Network active = ConnectionHelper.getActiveNetwork(context);
+        if (active == null)
+            return result;
+
+        LinkProperties props = cm.getLinkProperties(active);
+        if (props == null)
+            return result;
+
+        List<InetAddress> dns = props.getDnsServers();
+        for (int i = 0; i < dns.size(); i++)
+            result.add(i, dns.get(i).getHostAddress());
+
+        return result;
+    }
+
     static void test(Context context) throws UnknownHostException {
         test(context, "gmail.com", "ns");
         test(context, "gmail.com", "mx");
diff --git a/app/src/main/java/eu/faircode/email/FragmentOptionsConnection.java b/app/src/main/java/eu/faircode/email/FragmentOptionsConnection.java
index d9a65cd519..1564814215 100644
--- a/app/src/main/java/eu/faircode/email/FragmentOptionsConnection.java
+++ b/app/src/main/java/eu/faircode/email/FragmentOptionsConnection.java
@@ -94,6 +94,7 @@ public class FragmentOptionsConnection extends FragmentBase implements SharedPre
     private SwitchCompat swPreferIp4;
     private SwitchCompat swBindSocket;
     private SwitchCompat swStandaloneVpn;
+    private EditText etDns;
     private SwitchCompat swTcpKeepAlive;
     private SwitchCompat swSslUpdate;
     private SwitchCompat swSslHarden;
@@ -125,7 +126,7 @@ public class FragmentOptionsConnection extends FragmentBase implements SharedPre
             "metered", "download", "download_limited", "roaming", "rlah",
             "download_headers", "download_eml", "download_plain",
             "require_validated", "require_validated_captive", "vpn_only",
-            "timeout", "prefer_ip4", "bind_socket", "standalone_vpn", "tcp_keep_alive",
+            "timeout", "prefer_ip4", "bind_socket", "standalone_vpn", "dns_extra", "tcp_keep_alive",
             "ssl_update", "ssl_harden", "ssl_harden_strict", "cert_strict", "cert_transparency", "check_names",
             "open_safe", "http_redirect",
             "bouncy_castle", "bc_fips"
@@ -157,6 +158,7 @@ public class FragmentOptionsConnection extends FragmentBase implements SharedPre
         swPreferIp4 = view.findViewById(R.id.swPreferIp4);
         swBindSocket = view.findViewById(R.id.swBindSocket);
         swStandaloneVpn = view.findViewById(R.id.swStandaloneVpn);
+        etDns = view.findViewById(R.id.etDns);
         swTcpKeepAlive = view.findViewById(R.id.swTcpKeepAlive);
         swSslUpdate = view.findViewById(R.id.swSslUpdate);
         swSslHarden = view.findViewById(R.id.swSslHarden);
@@ -335,6 +337,23 @@ public class FragmentOptionsConnection extends FragmentBase implements SharedPre
             }
         });
 
+        etDns.addTextChangedListener(new TextWatcher() {
+            @Override
+            public void beforeTextChanged(CharSequence s, int start, int count, int after) {
+                // Do nothing
+            }
+
+            @Override
+            public void onTextChanged(CharSequence s, int start, int before, int count) {
+                prefs.edit().putString("dns_extra", s.toString()).apply();
+            }
+
+            @Override
+            public void afterTextChanged(Editable s) {
+                // Do nothing
+            }
+        });
+
         swTcpKeepAlive.setOnCheckedChangeListener(new CompoundButton.OnCheckedChangeListener() {
             @Override
             public void onCheckedChanged(CompoundButton compoundButton, boolean checked) {
@@ -623,6 +642,8 @@ public class FragmentOptionsConnection extends FragmentBase implements SharedPre
     public void onSharedPreferenceChanged(SharedPreferences prefs, String key) {
         if ("timeout".equals(key))
             return;
+        if ("dns_extra".equals(key))
+            return;
 
         getMainHandler().removeCallbacks(update);
         getMainHandler().postDelayed(update, FragmentOptions.DELAY_SETOPTIONS);
@@ -714,6 +735,7 @@ public class FragmentOptionsConnection extends FragmentBase implements SharedPre
             swPreferIp4.setChecked(prefs.getBoolean("prefer_ip4", true));
             swBindSocket.setChecked(prefs.getBoolean("bind_socket", false));
             swStandaloneVpn.setChecked(prefs.getBoolean("standalone_vpn", false));
+            etDns.setText(prefs.getString("dns_extra", null));
             swTcpKeepAlive.setChecked(prefs.getBoolean("tcp_keep_alive", false));
             swSslUpdate.setChecked(prefs.getBoolean("ssl_update", true));
             swSslHarden.setChecked(prefs.getBoolean("ssl_harden", false));
diff --git a/app/src/main/res/layout/fragment_options_connection.xml b/app/src/main/res/layout/fragment_options_connection.xml
index 7c84d3972b..96b05c38ea 100644
--- a/app/src/main/res/layout/fragment_options_connection.xml
+++ b/app/src/main/res/layout/fragment_options_connection.xml
@@ -423,6 +423,31 @@
                     app:layout_constraintTop_toBottomOf="@id/swBindSocket"
                     app:switchPadding="12dp" />
 
+                <TextView
+                    android:id="@+id/tvDns"
+                    android:layout_width="0dp"
+                    android:layout_height="wrap_content"
+                    android:layout_marginTop="12dp"
+                    android:layout_marginEnd="48dp"
+                    android:text="@string/title_advanced_dns"
+                    android:textAppearance="@style/TextAppearance.AppCompat.Small"
+                    android:textColor="?android:attr/textColorPrimary"
+                    app:layout_constraintEnd_toEndOf="parent"
+                    app:layout_constraintStart_toStartOf="parent"
+                    app:layout_constraintTop_toBottomOf="@id/swStandaloneVpn" />
+
+                <eu.faircode.email.EditTextPlain
+                    android:id="@+id/etDns"
+                    android:layout_width="0dp"
+                    android:layout_height="wrap_content"
+                    android:layout_marginEnd="48dp"
+                    android:imeOptions="actionDone"
+                    android:inputType="text"
+                    android:textAppearance="@style/TextAppearance.AppCompat.Medium"
+                    app:layout_constraintEnd_toEndOf="parent"
+                    app:layout_constraintStart_toStartOf="parent"
+                    app:layout_constraintTop_toBottomOf="@id/tvDns" />
+
                 <androidx.appcompat.widget.SwitchCompat
                     android:id="@+id/swTcpKeepAlive"
                     android:layout_width="0dp"
@@ -432,7 +457,7 @@
                     android:text="@string/title_advanced_tcp_keep_alive"
                     app:layout_constraintEnd_toEndOf="parent"
                     app:layout_constraintStart_toStartOf="parent"
-                    app:layout_constraintTop_toBottomOf="@id/swStandaloneVpn"
+                    app:layout_constraintTop_toBottomOf="@id/etDns"
                     app:switchPadding="12dp" />
 
                 <TextView
diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index 324546510a..dce538cfc1 100644
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@@ -517,6 +517,7 @@
     <string name="title_advanced_prefer_ip4">Prefer IPv4 over IPv6</string>
     <string name="title_advanced_bind_socket" translatable="false">Bind sockets to the active network</string>
     <string name="title_advanced_standalone_vpn" translatable="false">Standalone VPN</string>
+    <string name="title_advanced_dns">Additional DNS server addresses (comma separated)</string>
     <string name="title_advanced_tcp_keep_alive" translatable="false">TCP keep alive</string>
     <string name="title_advanced_ssl_update">Use updated SSL provider</string>
     <string name="title_advanced_ssl_harden">Harden SSL connections</string>