The trashserver.net XMPP server is operated with Ejabberd 21.01.
Compatibility / Compliance
Encryption and security
- Clients can only establish encrypted connections.
- External XMPP servers can only communicate with trashserver.net via secure connections. Unencrypted or otherwise insecure connections are not possible. This includes server-to-server connections with:
- Expired certificates
- Incorrectly configured TLS
- Certificates from non-recognized CAs
Self signed certificates are not accepted for practical reasons, because the server must be able to determine the validity of foreign certificates immediately (!) and on its own(!).
- Passwords are hashed and stored in the database. By default, the authentication method SCRAM-SHA-1 is used.
- The DNS entries for trashserver.net are DNSSEC signed and can be verified by compatible clients.
- The outdated encryption protocols SSLv2, SSLv3 and TLSv1 cannot be used to connect to the server.
Alternative connections: BOSH / Websocket / Tor Onion Service / XMPP over TLS
|Service||URL / Host||Port|
|Tor Onion Link (v3)||
|XMPP over TLS||
Note: It is not possible (and also not necessary) to offer a valid TLS certificate for the.onion address. Since access via.onion is already sufficiently secured, a check of the offered TLS certificate can be omitted. However, this does not apply to access via TOR and trashserver.net address (without.onion link) The http_upload module also works with the normal DNS and classic connections to the Internet when using the.onion address. A “normal” Internet connection must therefore be possible in parallel for its function.
If you’re interested in the server configuration and you would like to get inspired by it, feel free to visit the public trashserver.net XMPP GitHub repository!
- Maximum message backlog for MUCs: 500 Messages
- Maximum file size for uploads (http_upload): 100 MB