diff --git a/exim.changes b/exim.changes
index 2d17890..9dd14bc 100644
--- a/exim.changes
+++ b/exim.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Tue Sep 14 07:31:37 UTC 2021 - Johannes Segitz <jsegitz@suse.com>
+
+- Added hardening to systemd service(s) (bsc#1181400). Modified:
+  * exim.service
+
 -------------------------------------------------------------------
 Thu Jul  8 06:08:34 UTC 2021 - Steve Kowalik <steven.kowalik@suse.com>
 
diff --git a/exim.service b/exim.service
index 28479b2..a0bec81 100644
--- a/exim.service
+++ b/exim.service
@@ -5,6 +5,19 @@ Conflicts=sendmail.service postfix.service
 
 [Service]
 PrivateTmp=true
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectSystem=full
+ProtectHome=true
+PrivateDevices=true
+ProtectHostname=true
+ProtectClock=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+RestrictRealtime=true
+# end of automatic additions 
 Environment=QUEUE=1h
 EnvironmentFile=-/etc/sysconfig/exim
 ExecStart=/usr/sbin/exim $EXIM_ARGS