XMPP Service Operators - 2022-12-17


  1. sarahlee

    Dear community, I am looking for a way to enforce clients to use e2e encryption. 10 years ago I was on a server that did this with OTR. If any clear-text messages were transmitted, the server would simply bounce a message back with something like "This server only accepts end-to-end encrypted messages. Please see our howto setup OTR here [link]. We recommend clients X, Y and Z." So far all topics I find on securing an XMPP-server are either about securing data-connections with TLS (either c2s or s2s), or about securing services and files on the OS itself, but I find nothing on denying plain text messages. I know there are many good clients out there that can easily enforce things like OMEMO, but I would prefer to simply deny users the option to transmit clear-text messages in the first place. Thanx for your support :)

  5. Trung

    Hello sarahlee 😊. With XMPP, user has the power to choose where and how they want their message to be delivered. Encryption is the main reason for XMPP but sometimes there is very little value in encrypting messages - like what we are doing here in a public chat hall. 1v1 with strangers also makes no sense to encrypt messages either imo. Also sometimes ………bugs……………so…………yeah……… Anyhow, this is the MUC for XMPP Operator. Most people here run (at least 1) server. I run Prosŏdy. And there is a module to enforce e2e policy from the server: » https://modules.prosody.im/mod_e2e_policy.html I don't use it myself, but you can try if you have Prosŏdy. I have absolutely no clue what Ejabberd or Openfire does but I guess they probably have something similar.

  6. sarahlee

    Hi Trung, thank you very much for your reply, much appreciated :)

  7. nuegia.net-2

    Hello all, I'm having a weird issue with c2s connections on the server. I am aware of the issue and am working on it

  8. nuegia.net-2

    if anybody else has experienced 'out-of-memory' errors on prosody despite having plenty of memory please tell me

  9. nuegia.net-2

    > I am looking for a way to enforce clients to use e2e encryption.

    sarahlee please do not enforce OMEMO, it's experimental, alpha quality, and funding does not exist to make it a first class feature on most clients yet

  10. Ellenor Bjornsd.

    what.

  11. nuegia.net-2

    I believe the issues to be resolved now. Please let me know if anyone is still experiencing downtime or weird issues