<jabber>
2
3 <!--
4 This is the Jabber server configuration file. The file is
5 broken into different sections based on the services being
6 managed by jabberd, the server daemon. Most of the important
7 sections have comments and are easy to modify.
8
9 At http://jabberd.jabberstudio.org/1.4/ you will find further
10 instructions including an annotated version of this con-
11 figuration file and an installation guide.
12
13 Note that when you see a tag like "jabberd:cmdline", it's
14 automatically replaced on startup with the command line flag
15 passed in to jabberd. This enables you to override para-
16 meters set in this configuration file if necessary or de-
17 sired. Also note as you comment things in and out that
18 jabberd does not like comments within comments, so be care-
19 ful with your XML. :)
20 -->
21
22
23 <!--
24 The following <service/> section is for the session manager,
25 the most important component within the server. This section
26 contains the following types of information:
27
28 * the server's hostname
29 * other basic server information
30 * the location of the session log file
31 * email addresses for server administrators
32 * registration instructions for new users
33 * a welcome message for new users
34 * a list of agents with which users can register
35 * load rules for the modules within the session manager
36
37 -->
38
39 <service id="sessions">
40
41 <!--
42 Replace all occurrences of "localhost" in this file by
43 the hostname of your Jabber server. Be aware changing
44 the server's name is all but impossible once users start
45 to use the server. So choose a name that is permanent
46 (especially no Intranet hostnames or IP addresses).
47
48 Multiple <host/> entries are allowed - each one is for a
49 separate virtual server. Note that each host entry must
50 be on one line, the server doesn't like it otherwise! :)
51 Use lowercase for the hostname.
52 -->
53
<!-- Hostname served by the session manager; the "h" command line flag replaces this value at startup. -->
<!-- NOTE(review): the guidance above asks for a lowercase, permanent hostname. "Chatserver" is mixed-case and is not a fully qualified name. Confirm the value before any account is created, since the same guidance says renaming later is all but impossible. -->
54 <host><jabberd:cmdline flag="h">Chatserver</jabberd:cmdline></host>
55
56 <!--
57 This is the custom configuration section for the
58 Jabber session manager, a.k.a. "JSM".
59 -->
60
61 <jsm xmlns="jabber:config:jsm">
62
63 <!--
64 The <filter/> section below determines settings
65 for mod_filter, a server-side module built into
66 JSM that enables users to set delivery rules for
67 messages they receive (not yet supported by all
68 clients). The <allow/> subsection specifies which
69 conditions and actions to enable. High-level
70 descriptions of each setting can be found below:
71
72 * <default/> - a user cannot delete this one, it's
73 the default rule for delivering messages
74 * <max_size/> - the maximum number of rules in a
75 user's rule set (we don't want to overdo it!)
76 * conditions...
77 * <ns/> - matches the query xmlns attrib on an iq packet
78 * <unavailable/> - matches when user is unavailable
79 * <from/> - matches the sender of the message
80 * <resource/> - matches the receiver's resource
81 * <subject/> - matches the subject of the message
82 * <body/> - matches the body of the message
83 * <show/> - matches the show tag on the receiver's presence
84 * <type/> - matches the type of the message
85 * <roster/> - matches if the sender is in your roster
86 * <group/> - matches if the sender is in the specified group
87 * actions...
88 * <error/> - replies with an error
89 * <offline/> - stores the messages offline
90 * <forward/> - forwards the message to another jid
91 * <reply/> - sends a reply to the sender of the message
92 * <continue/> - continues processing of the rules
93 * <settype/> - changes the type of the message
94 -->
<!-- mod_filter settings: the fixed default rule, a cap of 100 rules per user, and the conditions and actions users may use in their own rules. -->
95 <filter>
96 <default/>
97 <max_size>100</max_size>
98 <allow>
99 <conditions>
100 <ns/> <!-- Matches if the iq's xmlns is the same as the specified namespace -->
101 <unavailable/> <!-- Flag that matches when the receiver is unavailable (offline) -->
102 <from/> <!-- Matches if the sender's jid is the specified jid -->
103 <resource/> <!-- Matches if the sender's resource (anything after the / in a jid) is the specified resource -->
104 <subject/> <!-- Matches if the message's subject is the specified subject (no regex yet) -->
105 <body/> <!-- Matches if the message body is the specified body (no regex yet) -->
106 <show/> <!-- Matches if the receiver's presence has a show tag that is the same as the specified text -->
107 <type/> <!-- Matches if the type of the message is the same as the specified text ("normal" is okay) -->
108 <roster/> <!-- Flag that matches when the sender is in the receiver's roster -->
109 <group/> <!-- Matches when the sender is in the specified group -->
110 </conditions>
<!-- NOTE(review): <forward/> and <reply/> make the server send traffic on a user's behalf with no user interaction. A forwarding rule added by someone who gained access to an account keeps copying that user's messages to another jid until the rule is deleted. The rules are presumably kept server-side (confirm), so include them when reviewing a suspected account takeover, and drop any action from this list that your users do not need. -->
111 <actions>
112 <error/> <!-- Sends back an error message to the sender, with the specified text -->
113 <offline/> <!-- Flag that stores the message offline -->
114 <forward/> <!-- forwards the message to the specified jid -->
115 <reply/> <!-- Sends back a reply to the sender with the specified text in the body -->
116 <continue/> <!-- Flag that continues rule matching, after a rule matches -->
117 <settype/> <!-- Changes the type of message to the specified type, before delivery to the receiver -->
118 </actions>
119 </allow>
120 </filter>
121
122 <!-- The server vCard -->
123
<!-- Public self-description of the server: full name, description and URL. -->
<!-- NOTE(review): the URL still holds the "localhost" placeholder that the hostname guidance earlier in this file asks you to replace. -->
124 <vCard>
125 <FN>Jabber Server</FN>
126 <DESC>A Jabber Server!</DESC>
127 <URL>http://localhost/</URL>
128 </vCard>
129
130 <!--
131 Registration instructions and required fields. The
132 notify attribute will send the server administrator(s)
133 a message after each valid registration if the notify
134 attribute is present.
135 -->
136
<!-- Registration form shown to new users: instruction text plus the name and email fields. -->
<!-- NOTE(review): mod_register is loaded in the <load/> section of this file, so account creation is open to any client that can reach the client port. notify="yes" is meant to message the administrators after each registration, but the <admin/> section below is commented out, so there appear to be no recipients; confirm, and define admin ids if you rely on these notifications to spot unwanted sign-ups. -->
137 <register notify="yes">
138 <instructions>Choose a username and password to register with this server.</instructions>
139 <name/>
140 <email/>
141 </register>
142
143 <!--
144 A welcome note that is sent to every new user who registers
145 with your server. Comment it out to disable this function.
146 -->
147
<!-- Message sent to each newly registered user. -->
<!-- NOTE(review): the body still names the server "localhost"; replace it together with the other "localhost" occurrences in this file. -->
148 <welcome>
149 <subject>Welcome!</subject>
150 <body>Welcome to the Jabber server at localhost -- we hope you enjoy this service! For information about how to use Jabber, visit the Jabber User's Guide at http://jabbermanual.jabberstudio.org/</body>
151 </welcome>
152
153 <!--
154 IDs with admin access - these people will receive admin
155 messages (any message to="yourhostname" is an admin
156 message). These addresses must be local ids, they cannot
157 be remote addresses.
158
159 Note that they can also send announcements to all
160 users of the server, or to all online users. To use
161 the announcement feature, you need to send raw xml and be
162 logged in as one of the admin users. Here is the syntax
163 for sending an announcement to online users:
164
165 <message to="yourhostname/announce/online">
166 <body>announcement here</body>
167 </message>
168
169 <message to="yourhostname/announce/motd">
170 <body>message (of the day) that is sent only once to all users that are logged in and additionally to new ones as they log in</body>
171 </message>
172
173 Sending to /announce/motd/delete will remove any existing
174 motd, and to /announce/motd/update will only update the motd
175 without re-announcing to all logged in users.
176
177 The <reply> will be the message that is automatically
178 sent in response to any admin messages.
179 -->
180
181 <!--
182 <admin>
183 <read>support@localhost</read>
184 <write>admin@localhost</write>
185 <reply>
186 <subject>Auto Reply</subject>
187 <body>This is a special administrative address. Your message was received and forwarded to server administrators.</body>
188 </reply>
189 </admin>
190 -->
191
192 <!--
193 This enables the server to automatically update the
194 user directory when a vcard is edited. The update is
195 only sent to the first listed jud service below. It is
196 safe to remove this flag if you do not want any users
197 automatically added to the directory.
198 -->
199
<!-- NOTE(review): with this flag set, every vCard edit is pushed to the first jud service listed in <browse/>. In this file that is users.jabber.org, a directory outside this server, so users' vCard data leaves your administrative control without a per-user choice. Remove the flag, or point the first jud entry at a directory you operate, if that is not intended. -->
200 <vcard2jud/>
201
202 <!--
203 The <browse/> section identifies the transports and other
204 services that are available from this server. Note that each
205 entity identified here must exist elsewhere or be further
206 defined in its own <service/> section below. These services
207 will appear in the user interface of Jabber clients that
208 connect to your server.
209 The <browse/> section is also used by mod_disco (see below)
210 for building the disco#items reply.
211 -->
212
<!-- Services advertised to connecting clients. Only the jud entry is active; the transport examples further down are commented out. -->
213 <browse>
214
215 <!--
216 This is the default agent for the master Jabber User
217 Directory, a.k.a. "JUD", which is located at jabber.org.
218 You can add separate <service/> sections for additional
219 directories, e.g., one for a company intranet.
220 -->
221
<!-- NOTE(review): users.jabber.org is an external host. As the first jud entry it is also the target of the automatic vCard updates enabled by <vcard2jud/>, and it is offered to clients for search and registration. -->
222 <service type="jud" jid="users.jabber.org" name="Jabber User Directory">
223 <ns>jabber:iq:search</ns>
224 <ns>jabber:iq:register</ns>
225 </service>
226
227 <!--
228 The following services are examples only, you will need to
229 create/modify them to get them working on your Jabber
230 server. See the README files for each service and/or the
231 server howto for further information/instructions.
232 -->
233
234 <!-- we're commenting these out, of course :)
235
236 <service type="aim" jid="aim.localhost" name="AIM Transport">
237 <ns>jabber:iq:gateway</ns>
238 <ns>jabber:iq:register</ns>
239 </service>
240
241 <service type="yahoo" jid="yahoo.localhost" name="Yahoo! Transport">
242 <ns>jabber:iq:gateway</ns>
243 <ns>jabber:iq:register</ns>
244 </service>
245
246 end of <service/> examples -->
247
248 </browse>
249
250 <!--
251 "Service Discovery" (disco, JEP-0030) supersedes
252 "Jabber Browsing" (JEP-0011).
253 The <disco/> section is used for building the disco#info reply.
254 -->
<!-- Identity and feature list returned in disco#info replies. -->
<!-- NOTE(review): the identity name discloses the server generation ('Jabber 1.4 Server') to any requester, and the version, last and time features expose further detail about the host. Use a neutral name and trim the list if you do not want to publish this. -->
255 <disco>
256 <identity category='services' type='jabber' name='Jabber 1.4 Server'/>
257 <feature var='jabber:iq:browse'/>
258 <feature var='jabber:iq:agents'/>
259 <feature var='jabber:iq:register'/>
260 <feature var='jabber:iq:time'/>
261 <feature var='jabber:iq:last'/>
262 <feature var='jabber:iq:version'/>
263 </disco>
264
265 <!--
266 Select the hashing algorithm that mod_auth_crypt uses
267 for storing passwords
268 Possible values:
269 crypt ... traditional hashing as implemented in crypt()
270 SHA1 ... using SHA1 hashes
271 -->
<!-- NOTE(review): this setting presumably has no effect as shipped, because the mod_auth_crypt line in the <load/> section of this file is commented out. If you enable the module: SHA1 is a fast general-purpose hash and gives limited protection for stored passwords should the spool leak; whether a salt is added is not visible here (confirm in the module). Keep the spool directory restricted either way. -->
272 <mod_auth_crypt>
273 <hash>SHA1</hash>
274 </mod_auth_crypt>
275
276 <!--
277 Configuration for mod_version. By defining <no_os_version/>
278 mod_version will not report the version of your OS.
279 -->
280 <!--
281 <mod_version>
282 <no_os_version/>
283 </mod_version>
284 -->
285
286
287 </jsm>
288
289 <!--
290 The following section dynamically loads the individual
291 modules that make up the session manager. Remove or
292 comment out modules to disable them. Note that the order
293 of modules is important, since packets are delivered
294 based on the following order!!
295 -->
296
<!-- Session manager modules, all loaded from the same shared object. Keep the order: per the comment above, packets are delivered to the modules in the order listed. -->
297 <load main="jsm">
298 <jsm>./jsm/jsm.so</jsm>
299 <mod_echo>./jsm/jsm.so</mod_echo>
300 <mod_roster>./jsm/jsm.so</mod_roster>
301 <mod_time>./jsm/jsm.so</mod_time>
302 <mod_vcard>./jsm/jsm.so</mod_vcard>
303 <mod_last>./jsm/jsm.so</mod_last>
<!-- NOTE(review): mod_version is loaded while its <no_os_version/> setting in the jsm section is commented out, so the operating system version is reported to requesters. Enable that setting if you do not want to disclose it. -->
304 <mod_version>./jsm/jsm.so</mod_version>
305 <mod_announce>./jsm/jsm.so</mod_announce>
306 <mod_agents>./jsm/jsm.so</mod_agents>
307 <mod_browse>./jsm/jsm.so</mod_browse>
308 <mod_disco>./jsm/jsm.so</mod_disco>
309 <mod_admin>./jsm/jsm.so</mod_admin>
310 <mod_filter>./jsm/jsm.so</mod_filter>
311 <mod_offline>./jsm/jsm.so</mod_offline>
312 <mod_presence>./jsm/jsm.so</mod_presence>
313
314 <!--
315 Authentication
316 For standard setups mod_auth_digest is recommended. Additionally
317 enable mod_auth_plain if you need plaintext authentication.
318 For maximum security, force SSL connections and use mod_auth_crypt
319 exclusively. Be aware encrypted password storage can lead to
320 problems when migrating to other authentication mechanisms
321 (LDAP...).
322 Switching from plain/digest to crypt needs manual work for
323 existing accounts, the reverse is not possible.
324 http://jabberd.jabberstudio.org/1.4/doc/adminguide#security
325 -->
<!-- NOTE(review): with digest and plain as the active mechanisms, every password is kept in clear text in storage. Anyone who can read the xdb spool directory or a backup of it can read all user passwords, so restrict that directory to the account running jabberd. -->
326 <!-- mod_auth_digest: Password in clear text in storage,
327 encrypted/hashed on the wire -->
328 <mod_auth_digest>./jsm/jsm.so</mod_auth_digest>
<!-- NOTE(review): the c2s service in this file has only the non-SSL listener on port 5222 active, so a client that picks this mechanism sends its password unencrypted over the network. Comment this module out unless a client you must support needs it, or offer it only once the <ssl/> listener is configured. -->
329 <!-- mod_auth_plain: Password in clear text in storage
330 and on the wire. Disable this if you do not use clients
331 that need plaintext auth -->
332 <mod_auth_plain>./jsm/jsm.so</mod_auth_plain>
333 <!-- mod_auth_crypt: Password encrypted/hashed in storage,
334 clear text on the wire. Disabled as this only makes
335 sense when used exclusively and with SSL mandatory
336 <mod_auth_crypt>./jsm/jsm.so</mod_auth_crypt> -->
337
338 <mod_log>./jsm/jsm.so</mod_log>
<!-- NOTE(review): loading mod_register enables the registration form configured in <register/>. Comment it out on servers where accounts are provisioned by an administrator. -->
339 <mod_register>./jsm/jsm.so</mod_register>
340 <mod_xml>./jsm/jsm.so</mod_xml>
341 </load>
342
343 </service>
344
345 <!-- OK, we've finished defining the Jabber Session Manager. -->
346
347 <!--
348 The <xdb/> component handles all data storage, using the filesystem.
349 Make sure the spool directory defined here exists and has proper
350 permissions.
351 -->
352
<!-- File-based storage component. The spool location defaults to ./spool and is replaced by the "s" command line flag when that flag is given. -->
<!-- NOTE(review): the authentication comments in this file state that the active mechanisms keep passwords in clear text in storage, which presumably means inside this spool (confirm). Make the directory readable and writable only by the account running jabberd, and treat its backups as credential material. The relative path is presumably resolved against the daemon's working directory; an absolute path avoids surprises. -->
353 <xdb id="xdb">
354 <host/>
355 <load>
356 <xdb_file>./xdb_file/xdb_file.so</xdb_file>
357 </load>
358 <xdb_file xmlns="jabber:config:xdb_file">
359 <spool><jabberd:cmdline flag='s'>./spool</jabberd:cmdline></spool>
360 </xdb_file>
361 </xdb>
362
363 <!--
364 The following service manages incoming client socket connections.
365 There are several items you can set here to optimize performance:
366
367 * authtime - default is unlimited, but you can set this to
368 limit the amount of time allowed for authentication to be
369 completed, e.g., <authtime>10</authtime> for 10 seconds
370
371 * heartbeat - default is to not send out heartbeat packets
372 to the clients. This option allows you to specify that
373 you want heartbeats to happen every x seconds. This is
374 useful if you have a lot of dial-up or laptop users who
375 may drop their connection without logging off of jabber.
376 Otherwise the server won't notice that they are offline until
377 someone tries to send a packet to them (and the message is
378 lost). Example: <heartbeat>60</heartbeat>
379
380 * karma - this is an input/output rate limiting system that
381 the Jabber team came up with to prevent bandwidth hogging.
382 For details about karma, read the io section at the bottom.
383 These are the low settings and apply per connection/socket
384 and can be changed as desired.
385 To disable rate limiting just delete the <karma/> section.
386 -->
387
<!-- Client-to-server connection service: socket module, authentication timeout, heartbeat, per-connection karma (the low settings) and the listening addresses. -->
388 <service id="c2s">
389 <load>
390 <pthsock_client>./pthsock/pthsock_client.so</pthsock_client>
391 </load>
392 <pthcsock xmlns='jabber:config:pth-csock'>
<!-- NOTE(review): left empty, so presumably the default applies, which the comment above gives as unlimited. Unauthenticated connections can then be held open indefinitely and tie up sockets; a finite value, such as the 10 seconds from the example above, bounds that. -->
393 <authtime/>
394 <heartbeat/>
395 <karma>
396 <init>10</init>
397 <max>10</max>
398 <inc>1</inc>
399 <dec>1</dec>
400 <penalty>-6</penalty>
401 <restore>10</restore>
402 </karma>
403
404 <!--
405 Use these to listen on particular addresses and/or ports.
406 Example: <ip port="5222">127.0.0.1</ip>
407 Default is to listen on port 5222 on every interface.
408 Remove the <ip/> section to disable non-ssl client connections.
409 -->
<!-- NOTE(review): this is the only active client listener: non-SSL, port 5222, every interface. The <ssl/> examples below are commented out, so this file as shown offers no encrypted client port, and credentials and messages cross the network in the clear. Configure <ssl/> here and in the <io/> section, then remove this entry if all your clients support SSL. -->
410 <ip port="5222"/>
411
412 <!--
413 The <ssl/> tag acts pretty much like the <ip/> tag,
414 except it defines that SSL is to be used on the
415 ports and IP addresses specified. You must specify
416 an IP address here, or the connections will fail.
417 <ssl port='5223'>127.0.0.1</ssl>
418 <ssl port='5224'>192.168.1.100</ssl>
419 -->
420
421 </pthcsock>
422 </service>
423
424 <!--
425 This is the default server error logging component,
426 which copies to a file and to STDERR.
427 -->
428
<!-- Error log component: the empty <logtype/> selects the default log type (presumably everything not claimed by another logger, confirm); output goes to error.log and to STDERR. -->
<!-- NOTE(review): error.log is a relative path, presumably resolved against the daemon's working directory. Keep that directory writable only by the account running jabberd. -->
429 <log id='elogger'>
430 <host/>
431 <logtype/>
432 <format>%d: [%t] (%h): %s</format>
433 <file>error.log</file>
434 <stderr/>
435 </log>
436
437 <!--
438 This is the default server record logging component,
439 which logs general statistical/tracking data.
440 -->
441
<!-- Record log component: writes entries of type "record" to record.log. -->
<!-- NOTE(review): the comment above describes this as statistical/tracking data, so the file presumably ties users to their activity (confirm the fields). Restrict read access and include it in your log retention policy. -->
442 <log id='rlogger'>
443 <host/>
444 <logtype>record</logtype>
445 <format>%d %h %s</format>
446 <file>record.log</file>
447 </log>
448
449 <!-- The following two services are for handling server-to-server traffic. -->
450
451 <!-- External asynchronous DNS resolver -->
452
<!-- DNS resolver service for outgoing server-to-server traffic. Each <resend/> hands resolved packets to the component with id "s2s", the dialback service defined in this file. The entry without a service attribute is presumably the fallback when no SRV record is found (confirm). -->
453 <service id="dnsrv">
454 <host/>
455 <load>
456 <dnsrv>./dnsrv/dnsrv.so</dnsrv>
457 </load>
458 <dnsrv xmlns="jabber:config:dnsrv">
459 <resend service="_xmpp-server._tcp">s2s</resend> <!-- for supporting XMPP compliant SRV records -->
460 <resend service="_jabber._tcp">s2s</resend> <!-- for supporting old style SRV records -->
461 <resend>s2s</resend>
462 </dnsrv>
463 </service>
464
465 <!--
466 The following 's2s' config handles server connections and
467 dialback hostname verification. The <legacy/> element is
468 here to enable communication with old 1.0 servers. The
469 karma settings are a little higher here to handle the
470 higher traffic of server-to-server connections (read
471 the io section below for more details, medium settings).
472 -->
473
<!-- Server-to-server service: dialback hostname verification, the listening port and per-connection karma (the medium settings). -->
474 <service id="s2s">
475 <load>
476 <dialback>./dialback/dialback.so</dialback>
477 </load>
478 <dialback xmlns='jabber:config:dialback'>
<!-- NOTE(review): <legacy/> admits old 1.0 servers. Such peers presumably cannot complete dialback, so the hostname they claim would be accepted without verification (confirm against the dialback module). Remove this element unless you still federate with such a server. -->
479 <legacy/>
480 <!-- Use these to listen on particular addresses and/or ports.
481 <ip port="7000"/>
482 <ip port="5269">127.0.0.1</ip>
483 -->
<!-- NOTE(review): with no address given this presumably listens on every interface, as the c2s <ip/> entry does. If the server is not meant to federate, bind it to a specific address or filter port 5269 at the firewall. -->
484 <ip port="5269"/>
485 <karma>
486 <init>50</init>
487 <max>50</max>
488 <inc>4</inc>
489 <dec>1</dec>
490 <penalty>-5</penalty>
491 <restore>50</restore>
492 </karma>
493 </dialback>
494 </service>
495
496 <!--
497 update.jabber.org is long dead but some clients still
498 request update information. In order to avoid errors
499 in the logs, just drop packets for update.jabber.org.
500 -->
<!-- Sink for the retired update.jabber.org address: packets for that host are routed to this service and dropped by <null/>, so they are neither sent out nor logged as errors. -->
501 <service id="update.jabber.org">
502 <host>update.jabber.org</host>
503 <null/>
504 </service>
505
506 <!--
507 If you identified additional agents in the main <service/>
508 section (see examples above), you'll need to define each
509 of them here using a separate <service/> section for each
510 <agent/> you identified. Note that the <agent/> sections
511 determine what gets shown to clients that connect to your
512 server, whereas the following <service/> sections define
513 these services within the server itself. The following are
514 examples only, you will need to create/modify them to get
515 them working on your Jabber server. See the README files
516 for each agent and/or the server howto for further
517 information/instructions. Replace the sample <secret/> value with a unique one before enabling any of them.
518 -->
519
520 <!-- we're commenting these out, of course :)
521
522 <service id="aim.localhost">
523 <accept>
524 <ip/>
525 <port>7009</port>
526 <secret>jabber-rocks</secret>
527 </accept>
528 </service>
529
530 <service id="yahoo.localhost">
531 <accept>
532 <ip/>
533 <port>9001</port>
534 <secret>jabber-rocks</secret>
535 </accept>
536 </service>
537
538 end of <service/> examples -->
539
540 <!--
541 The following <io/> config initializes the top-level
542 I/O, otherwise known as MIO (Managed Input/Output).
543 -->
544
545 <io>
546
547 <!-- Set the default karma for *all* sockets -->
548 <!-- definition of terms:
549
550 * Avg. Throughput - The number of bytes you can
551 send every second without incurring any penalty.
552
553 * Burst Allowed - The maximum number of bytes you
554 can send in 2 seconds without incurring any penalty.
555
556 * Max Sustained Rate - If you send data as fast as
557 you can, you will hit penalty, and will not be
558 able to send for 10 seconds; the max sustained
559 rate is the average rate you can dump data when
560 you are dumping as much data as you can, as fast
561 as you can.
562
563 * Seconds to Recover from Burst - The amount of time
564 it will take to reach Avg. Throughput capability
565 after sending a max burst of data.
566
567 * Penalty Length - The length of your penalty is
568 determined according to this formula:
569 abs(penalty) * Heartbeat seconds
570 E.g., a penalty of -5 and heartbeat of 2 will
571 cause your penalty length to be 10 seconds.
572 Note that a penalty CANNOT be less than -100,
573 otherwise strange things might happen.
574
575 -->
576 <!-- Example of Low Karma Limits
577 Avg. Throughput: 1k-2k/s
578 Burst Allowed To: 5.5k/s
579 Max Sustained Rate: 485b/s
580 Seconds to Recover from Burst: 20
581 Penalty Length: 12 seconds
582 <karma>
583 <heartbeat>2</heartbeat>
584 <init>10</init>
585 <max>10</max>
586 <inc>1</inc>
587 <dec>1</dec>
588 <penalty>-6</penalty>
589 <restore>10</restore>
590 </karma>
591 -->
592
593 <!-- Example of Medium Karma Limits
594 Avg. Throughput: 5k-10k/s
595 Burst Allowed: 125.5k/s
596 Max Sustained Rate: 12.6k/s
597 Seconds to Recover From Burst: 25
598 Penalty Length: 10 seconds
599 <karma>
600 <heartbeat>2</heartbeat>
601 <init>50</init>
602 <max>50</max>
603 <inc>4</inc>
604 <dec>1</dec>
605 <penalty>-5</penalty>
606 <restore>50</restore>
607 </karma>
608 -->
609
610 <!-- Example of High Karma Limits
611 Avg. Throughput: 5k-10k/s
612 Burst Allowed: 206k/s
613 Max Sustained Rate: 34.3k/s
614 Seconds to Recover from Burst: 21
615 Penalty Length: 6 seconds
616 <karma>
617 <heartbeat>2</heartbeat>
618 <init>64</init>
619 <max>64</max>
620 <inc>6</inc>
621 <dec>1</dec>
622 <penalty>-3</penalty>
623 <restore>64</restore>
624 </karma>
625 -->
626
627 <!--
628 Set rate limits to monitor the number of connection
629 attempts from a single IP, any more than [points]
630 within [time] will engage the limit. This setting
631 applies to all incoming connections to any service,
632 unless otherwise overridden by that service.
633 -->
634
<!-- Connection-attempt limit per source IP for all services that do not override it: more than 5 attempts within 25 (presumably seconds, confirm) engages the limit. -->
<!-- NOTE(review): per the comment above this counts connection attempts. It presumably does not count failed logins on a connection that is already open (confirm), so do not rely on it alone to slow password guessing. -->
635 <rate points="5" time="25"/>
636
637 <!--
638 The following section initializes SSL for top-level I/O.
639 This works only when the server is compiled with openssl!
640 Use IPs here or connections will fail.
641 -->
642 <!--
643 <ssl>
644 <key ip='192.168.1.1'>/path/to/cert_and_key.pem</key>
645 <key ip='192.168.1.100'>/path/to/other/cert_and_key.pem</key>
646 </ssl>
647 -->
648
649 <!--
650 The following section is used to allow or deny
651 communications from specified IP networks or
652 addresses. If there is no <allow/> section,
653 then *all* IPs will be allowed to connect. If
654 you allow one block, then only that block may
655 connect. Note that <allow/> is checked before
656 <deny/>, so if a specific address is allowed
657 but the network for that address is denied,
658 then that address will still be denied.
659 -->
660 <!--
661 <allow><ip>127.0.0.0</ip><mask>255.255.255.0</mask></allow>
662 <allow><ip>12.34.56.78</ip></allow>
663 <deny><ip>22.11.44.0</ip><mask>255.255.255.0</mask></deny>
664 -->
665
666 </io>
667
668 <!--
669 This specifies the file to store the pid of the process in.
670 -->
<!-- NOTE(review): relative path, presumably resolved against the daemon's working directory. Keep that directory writable only by the account running jabberd, so that scripts which signal the process named in this file cannot be pointed at another process by a different local user. -->
671 <pidfile>./jabber.pid</pidfile>
672
673
674 </jabber>