It’s just data

Prosody as a personal xmpp server

Nearly six years ago, I set up a personal Jabber server using ejabberd.  This setup survived the server migration to Ubuntu 8.04 and 10.04.  This past weekend, I attempted to migrate that to a server running 12.04 and all I could get out of it was an erlang crash dump.

A quick scan for successors turned up prosody. Configuration was as simple as adding a VirtualHost and setting allow_registration to true.

Wow cool! I was trying to set up ejabbered the other day, but nobody was maintaining an up to date ppa in ubuntu, plus navigating their site was confusing as hell.  This looks dead simple!

Posted by Bret Comnes at

I’ve thought of doing that for a while, but balk at the security implications; I’m not sure how well-tested this code is (whichever server you’re talking about).

Any experiences / tips? E.g., do you run in a chroot jail, or...?

Posted by Mark Nottingham at

Mark: I don’t bother as I don’t run it on the public internet.  I have a number of machines at home, and in particular one that I consider a modest “server” (an AMD Athlon(tm) II X2 240 Processor running a stable version of Ubuntu.)  I have scripts that watch for various things on the internet (e.g., posts to forums for my book), and I run various processes on that server (e.g., regression tests) that may fail and need attention.

Overall, I use my personal XMPP server as cross-platform growl (in fact my IM client will trigger a pop-up notification).  The actual IM messages themselves typically use XHTML-IM to include a hypertext link.

I have no doubt that ejabberd is likely more scalable, but prosody seems to be actively maintained and is more than sufficient for my modest requirements.

Posted by Sam Ruby at

Agreed: Prosody rocks. It’s the most actively and openly developed of the XMPP servers, the code is eminently readable, the team is quite security-conscious, etc. Highly recommended.

Posted by Peter Saint-Andre at

Wow, that is easy to set up!

Posted by Mark Nottingham at

Sam - could you contact me please. I think I have found a security violation you should know about. Sorry if this sounds cryptic but I obviously don’t want to post the details here, or on twitter. You have my irl name and email.


Posted by Jack Taylor at

Hmmm. Fascinating.

Getting the latest ejabberd (13.10) to run on MacOSX was a major pain in the rear.

Posted by Jacques Distler at

Add your comment