diff --git a/lib/mix/tasks/pleroma/database.ex b/lib/mix/tasks/pleroma/database.ex
index 87ccfdff1..0a09a1c4a 100644
--- a/lib/mix/tasks/pleroma/database.ex
+++ b/lib/mix/tasks/pleroma/database.ex
@@ -343,10 +343,16 @@ def run(["prune_objects" | args]) do
 
     %{:num_rows => del_hashtags} =
       """
-      DELETE FROM hashtags AS ht
-      WHERE NOT EXISTS (
-        SELECT 1 FROM hashtags_objects hto
-        WHERE ht.id = hto.hashtag_id)
+      DELETE FROM hashtags
+      USING hashtags AS ht
+      LEFT JOIN hashtags_objects hto
+            ON ht.id = hto.hashtag_id
+      LEFT JOIN user_follows_hashtag ufht
+            ON ht.id = ufht.hashtag_id
+      WHERE
+          hashtags.id = ht.id
+          AND hto.hashtag_id is NULL
+          AND ufht.hashtag_id is NULL
       """
       |> Repo.query!()
 
diff --git a/lib/pleroma/emails/mailer.ex b/lib/pleroma/emails/mailer.ex
index 6a79a7694..af513f1f1 100644
--- a/lib/pleroma/emails/mailer.ex
+++ b/lib/pleroma/emails/mailer.ex
@@ -84,8 +84,14 @@ defp default_config(Swoosh.Adapters.SMTP, conf, _) do
       cacerts: os_cacerts,
       versions: [:"tlsv1.2", :"tlsv1.3"],
       verify: :verify_peer,
-      # some versions have supposedly issues verifying wildcard certs without this
       server_name_indication: relay,
+      # This allows wildcard ceritifcates to be verified properly.
+      # The :https parameter simply means to use the HTTPS wildcard format
+      # (as opposed to say LDAP). SMTP servers tend to use the same type of
+      # certs as HTTPS ones so this should work for most.
+      customize_hostname_check: [
+        match_fun: :public_key.pkix_verify_hostname_match_fun(:https)
+      ],
       # the default of 10 is too restrictive
       depth: 32
     ]