diff --git a/alertmanager/helm-values.yaml b/alertmanager/helm-values.yaml index 87ba7c7..0adbe4e 100644 --- a/alertmanager/helm-values.yaml +++ b/alertmanager/helm-values.yaml @@ -20,32 +20,53 @@ serviceMonitor: release: prometheus namespace: prometheus +# SMTP Secret 환경변수 주입 +extraEnv: + - name: SMTP_PASSWORD + valueFrom: + secretKeyRef: + name: alertmanager-smtp + key: smtp_auth_password + config: global: resolve_timeout: 5m + smtp_smarthost: "smtp.mail.me.com:587" + smtp_from: "bluemayne0213@icloud.com" + smtp_auth_username: "bluemayne0213@icloud.com" + smtp_auth_password: $(SMTP_PASSWORD) + smtp_require_tls: true route: group_by: ["alertname", "cluster", "service"] - group_wait: 10s - group_interval: 10s - repeat_interval: 12h - receiver: "default" + group_wait: 30s + group_interval: 5m + repeat_interval: 4h + receiver: "email" routes: + # Critical - 즉시 전송 - match: severity: critical - receiver: "critical" - continue: true + receiver: "email" + group_wait: 10s + repeat_interval: 1h + # Warning - match: severity: warning - receiver: "warning" + receiver: "email" + group_wait: 1m + repeat_interval: 4h + # Watchdog 제외 (항상 firing) + - match: + alertname: Watchdog + receiver: "null" receivers: - - name: "default" - # 기본 수신자 (로그만 남김) - - name: "critical" - # TODO: Slack, Email 등 알림 채널 추가 - # webhook_configs: - # - url: 'http://your-webhook-url' - - name: "warning" - # TODO: 경고 알림 채널 추가 + - name: "email" + email_configs: + - to: "bluemayne0213@icloud.com" + send_resolved: true + headers: + subject: "[{{ .Status | toUpper }}] {{ .CommonLabels.alertname }}" + - name: "null" inhibit_rules: - source_match: severity: "critical" diff --git a/alertmanager/kustomization.yaml b/alertmanager/kustomization.yaml index 972f3ed..7d7a3be 100644 --- a/alertmanager/kustomization.yaml +++ b/alertmanager/kustomization.yaml @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ingress.yaml + - vault/alertmanager-secrets.yaml 
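Review bot: In `config.global`, `smtp_auth_password: $(SMTP_PASSWORD)` will most likely reach Alertmanager as that literal string. Alertmanager does not expand environment variables in its configuration file, and Kubernetes `$(VAR)` substitution applies only to a container's command, args and env values. SMTP authentication would then fail, and since every route in this hunk now ends at the `email` or `null` receiver, no alert would be delivered, critical ones included. Mount the `alertmanager-smtp` Secret as a file and reference it instead, for example `smtp_auth_password_file: /etc/alertmanager/secrets/smtp_auth_password`, after which the `extraEnv` block is unnecessary. That path is a constructed example; this needs an Alertmanager version that supports the `_file` option and whatever secret-mount value the chart offers, neither of which is visible here. It also keeps the password out of the rendered config and the process environment.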
diff --git a/alertmanager/vault/alertmanager-secrets.yaml b/alertmanager/vault/alertmanager-secrets.yaml new file mode 100644 index 0000000..79e3e27 --- /dev/null +++ b/alertmanager/vault/alertmanager-secrets.yaml @@ -0,0 +1,18 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: alertmanager-smtp + namespace: alertmanager +spec: + refreshInterval: 1h + secretStoreRef: + kind: ClusterSecretStore + name: vault-backend + target: + name: alertmanager-smtp + creationPolicy: Owner + data: + - secretKey: smtp_auth_password + remoteRef: + key: monitoring/alertmanager + property: SMTP_PASSWORD diff --git a/goldilocks/argocd.yaml b/goldilocks/argocd.yaml index 6bf5207..5a46481 100644 --- a/goldilocks/argocd.yaml +++ b/goldilocks/argocd.yaml @@ -24,10 +24,7 @@ spec: server: https://kubernetes.default.svc namespace: goldilocks syncPolicy: - automated: - prune: true - selfHeal: true - allowEmpty: false + # automated sync disabled for resource optimization syncOptions: - CreateNamespace=true - PrunePropagationPolicy=foreground diff --git a/vpa/argocd.yaml b/vpa/argocd.yaml index 3c7667c..4f27966 100644 --- a/vpa/argocd.yaml +++ b/vpa/argocd.yaml @@ -21,10 +21,7 @@ spec: server: https://kubernetes.default.svc namespace: vpa syncPolicy: - automated: - prune: true - selfHeal: true - allowEmpty: false + # automated sync disabled for resource optimization syncOptions: - CreateNamespace=true - PrunePropagationPolicy=foreground
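Review bot: `refreshInterval: 1h` suggests that a password rotated in Vault propagates on its own, but it will not reach the running pod. The only consumer visible in this commit reads the Secret through the `extraEnv` `secretKeyRef` in alertmanager/helm-values.yaml, and environment variables are fixed at container start. Alertmanager would keep authenticating with the old password until the pod is restarted. I would add a comment above `refreshInterval` such as `# rotation: env-var consumers need a pod restart; a mounted secret file picks up the new value`. Separately, `metadata.namespace: alertmanager` must be the namespace the Alertmanager pod runs in, because `secretKeyRef` cannot cross namespaces; the release namespace is not shown in this diff, so please confirm it.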
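Review bot: The replacement comment `# automated sync disabled for resource optimization` in goldilocks/argocd.yaml does not record what is given up. Without `automated.selfHeal` and `prune`, changes made directly in the cluster are no longer reverted to the Git state, and resources removed from Git stay deployed until someone syncs manually. The same edit and comment appear in vpa/argocd.yaml. I would extend the comment in both files to something like `# automated sync off: apply via manual sync; drift is NOT self-healed or pruned`, and note how an OutOfSync state is expected to be noticed. The `spec` block these hunks modify begins outside the visible lines.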