XMPP Service Operators - 2023-03-22

Поебемся

Иди на хуй

Соси его

stick to english please

I didn't realize cloudflare required you to hand over your dns servers to protect you from attacks

thought it was a simple 'point a cname here to protect service'

It's been a while (like, 10 years?) since I used it, but I think they support both. Could well have changed though.

from documentation i'm seeing they support what their calling 'partial dns' but they require you to pay an extra 200 dollars a month for it.

Are there better reverse proxy services out there to protect against attacks?

preferably ones that work with xmpp or generic tcp

nuegia.net, my advice: don't worry about it. There aren't really any alternatives to Cloudflare, or at least none that someone trying to avoid Cloudflare would be happy with. Being able to sink DDoS traffic is something only large entities with significant network control/influence can achieve.

Outside of such organizations, your best option is just being on good terms with your hosting provider (who also does not want to be affected by DDoS)

protecting against attacks doesn't stop at protecting against DDoS tho

For example, OVH have automated DDoS protection: https://www.ovhcloud.com/en/security/anti-ddos/

(any provider of non-trivial size likely has these days)

Indeed

You're right, I guess I read "attacks" as "DDoS attacks" because that's the context Cloudflare usually comes up in

Seems someone is spamming carrots, do we have his jid to ban in advance?

They're using multiple JIDs, their accounts are on the RTBL and deleted already

Mm didnt have a chance to deploy the rtbl bot yet

TheCoffeMaker: don't forget to target `carrot`

🤣️

rtbl bot added ... MattJ how can I help to make it available for arm64 ?

I probably just need to update my release build script

great ... just asking ... added the bot to the only x86 running on my infra 😅️ ... connected to rooms right away ... how can I check if it works?

No easy way right now, though I've been considering setting up a test channel

Will ping you later on jdev witha few ideas

Is it possible to configure my server so I can send people text messages through my XMPP client?

00c: what you mean?

Do you happen to familiar with Signal?

you mean an SMS gateway

there is jmp.chat and/or https://cheogram.com/ for this kind of stuff

Signal has removed SMS support. ✏

Which is funny because Google and Facebook are still at it

Please explain.

Their messaging apps do SMS

my nokia does SMS just fine 😁

I do my best to avoid google and facebook. I only use google for my university's email.

How do their apps communicate SMS? Can I implement this into my XMPP server?

they probably talk to the APIs on the phone directly.

as they need access to the SIM card to send/receive SMS with your own number ✏

so nothing server-side at all

I've gotten phising text's from JIDs.

I ignore them.

00c, if you're looking for a SMS gateway you might want to look at https://jmp.chat/ it's a small FOSS company that bridges the traditional phone network to XMPP.

Cheogram looks like a fork of Conversations.

I think I've also seen some sms/xmpp gateway code but that'd need to run on a device with a mobile network modem.

It is 00c, you'll find much more if you look longer

Does this mean that I'll have to move my XMPP server to a phone or sim enabled laptop?

No. That's all via internet.

Thank you so much for all of your answers and help.

I have difficulty explaining myself. I want to be able to type my contacts phone number into XMPP and send them an SMS message.

00c: jmp.chat will help you with that

I also want my contacts to be able to text my JID and I get an XMPP message.

Same answer

Well, text your phone number

Texting your jid they do with an xmpp client

If my contact has an XMPP client, I want them to send me OMEMO encrypted messages.

00c: Send an xmpp message they get an sms They send an SMS you get an xmpp message

YES.

That works with something like jmp.chat yes

00c, you're looking for something kind of like signal where you find each other by phone number, but if both sides support it the message is upgraded to an encrypted message?

Diane , Yes. That's exactly it.

xmpp:discuss@conference.soprani.ca?join

00c: > If my contact has an XMPP client, I want them to send me OMEMO encrypted messages. Your first message then should be _"hey, I'm cutting down my SMS usage, we can talk on XMPP, I can help you set up"_

No automatic upgrade tho

That would require an app that can do SMS and xmpp

00c: if they use Android just tell them to install Quicksy from their app store (F-Droid, Play)

For iOS they need to create an account with Monal from App Store (for now) https://eversten.net/en/blog/monal/ ✏

Anyway, we've gonne offtopic here

What is this channels topic?

00c: menu - details - read?

I'm an XMPP server operator.

I'm a beginner who needs help.

We've over that already, for SMS stuff go to xmpp:discuss@conference.soprani.ca?join

Any other subjects you need help with as an operator?

Did you setup cron to regen your certificates?

No. I do it manually every 90 days.

It's not worth setting up right now. I plan on moving servers by the end of the month.

sudo systemctl enable certbot-renew.service --now

Goodbye. It was nice chatting with you. Thank you so much for all of your help and answers.

00c: bookmark this room so you come back next time. ✏

> Connection from trung.fun to jabber.de failed ! > Cert hash: 94944b9707b14f2b07992dff393a1f0dd185b2c3 > Error: Error with certificate 0: unable to get local issuer certificate, unable to verify the first certificate.

Same for me

Just now

> x509: certificate signed by unknown authority Yep, probably not using the fullchain.pem…

Oh, jabber.de is operated by a new team: https://www.jabber.de/

> Currently we do not support registering new accounts through our webpage. If you want to create a new account on Jabber.de, please do so directly from your preferred client. A list of Jabber-clients can be found here. https://www.jabber.de/?page_id=49 I hope they have some precautions to not turn into a spam server… :-/