diff --git a/inventory/group_vars/mbs-frontend b/inventory/group_vars/mbs-frontend
index 34e3981f0a..b84a047deb 100644
--- a/inventory/group_vars/mbs-frontend
+++ b/inventory/group_vars/mbs-frontend
@@ -24,8 +24,8 @@ fas_client_groups: sysadmin-noc,sysadmin-releng
 # These are consumed by a task in roles/fedmsg/base/main.yml
 fedmsg_certs:
 - service: mbs
-  owner: root
-  group: apache 
+  owner: fedmsg
+  group: fedmsg
   can_send:
   - mbs.module.state.change
   # Only the backend sends this message..
diff --git a/inventory/group_vars/mbs-frontend-stg b/inventory/group_vars/mbs-frontend-stg
index 1c104763c7..0b692933c7 100644
--- a/inventory/group_vars/mbs-frontend-stg
+++ b/inventory/group_vars/mbs-frontend-stg
@@ -24,8 +24,8 @@ fas_client_groups: sysadmin-noc,sysadmin-releng
 # These are consumed by a task in roles/fedmsg/base/main.yml
 fedmsg_certs:
 - service: mbs
-  owner: root
-  group: apache 
+  owner: fedmsg
+  group: fedmsg
   can_send:
   - mbs.module.state.change
   # Only the backend sends this message..
diff --git a/playbooks/clear_memcached.yml b/playbooks/clear_memcached.yml
index fe913c3656..eaae858dad 100644
--- a/playbooks/clear_memcached.yml
+++ b/playbooks/clear_memcached.yml
@@ -1,5 +1,5 @@
 - name: clear memcache
-  hosts: memcached
+  hosts: memcached:memcached-stg
   serial: 1
 
   tasks:
diff --git a/roles/mbs/common/tasks/main.yml b/roles/mbs/common/tasks/main.yml
index d7ecb0437e..7e46835ff8 100644
--- a/roles/mbs/common/tasks/main.yml
+++ b/roles/mbs/common/tasks/main.yml
@@ -15,6 +15,15 @@
   - mbs
   - mbs/common
 
+- name: kill development config
+  file: path=/etc/fedmsg.d/module_build_service.py state=absent
+  notify:
+  - restart apache
+  - restart fedmsg-hub
+  tags:
+  - mbs
+  - mbs/common
+
 - name: copy app configuration
   template: >
     src=config.py dest=/etc/module-build-service/config.py
@@ -26,6 +35,17 @@
   - mbs
   - mbs/common
 
+- name: copy fedmsg configuration
+  template: >
+    src=mbs-fedmsg.py dest=/etc/fedmsg.d/mbs-fedmsg.py
+    owner=root group=fedmsg mode=0644
+  notify:
+  - restart apache
+  - restart fedmsg-hub
+  tags:
+  - mbs
+  - mbs/common
+
 - name: copy client secrets
   template: >
     src=client_secrets.json.{{env}} dest=/etc/module-build-service/client_secrets.json
diff --git a/roles/mbs/common/templates/mbs-fedmsg.py b/roles/mbs/common/templates/mbs-fedmsg.py
new file mode 100644
index 0000000000..3715f21b0e
--- /dev/null
+++ b/roles/mbs/common/templates/mbs-fedmsg.py
@@ -0,0 +1,7 @@
+import socket
+
+config = {
+    # So that the MBS can find it's cert in /etc/fedmsg.d/ssl.py
+    'cert_prefix': 'mbs',
+    'name': 'mbs-%s' % socket.gethostname(),
+}
diff --git a/roles/mbs/frontend/tasks/main.yml b/roles/mbs/frontend/tasks/main.yml
index 1d24257955..761318c437 100644
--- a/roles/mbs/frontend/tasks/main.yml
+++ b/roles/mbs/frontend/tasks/main.yml
@@ -4,7 +4,7 @@
 - name: disable the scheduler on the frontend
   copy: >
     src={{ item }} dest=/etc/fedmsg.d/{{ item }}
-    owner=apache group=apache mode=0600
+    owner=fedmsg group=fedmsg mode=0644
   with_items:
   - mbs-scheduler.py
   notify:
@@ -41,6 +41,7 @@
   with_items:
   - httpd_can_network_connect_db
   - httpd_can_network_memcache
+  - httpd_can_network_connect
   - httpd_can_sendmail
   tags:
   - mbs
diff --git a/roles/opendkim/files/opendkim.conf b/roles/opendkim/files/opendkim.conf
index 03353770c0..c50d1d1692 100644
--- a/roles/opendkim/files/opendkim.conf
+++ b/roles/opendkim/files/opendkim.conf
@@ -131,3 +131,7 @@ OversignHeaders	From
 ##  caching service. Useful if the nameserver being used by the filter is
 ##  not local.
 # QueryCache	yes
+#
+# We need to increase the default header size because notifs adds a X-fedmsg header for
+# each message in a digest.
+MaximumHeaders 262144
diff --git a/roles/openqa/dispatcher/templates/schedule.conf.j2 b/roles/openqa/dispatcher/templates/schedule.conf.j2
index 92e13f9e41..f599284ff0 100644
--- a/roles/openqa/dispatcher/templates/schedule.conf.j2
+++ b/roles/openqa/dispatcher/templates/schedule.conf.j2
@@ -13,6 +13,8 @@ prod_rdb_report: true
 resultsdb_url: http://resultsdb-stg01.qa.fedoraproject.org/resultsdb_api/api/v2.0/
 wiki_hostname: stg.fedoraproject.org
 [consumers]
+# as we use the production scheduler
+prod_oqa_hostname: localhost
 stg_oqa_hostname: localhost
 stg_oqa_baseurl: https://{{ external_hostname|default(ansible_nodename) }}
 stg_wiki_hostname: stg.fedoraproject.org