On Thu, Dec 20, 2012 at 4:02 PM, Grant <emailgr...@gmail.com> wrote: >>> I should have specified that the people in the organization are spread out >>> in different locations. >>> >>> It sounds like it is difficult/dangerous to run an internet-facing IRC >>> server and ejabberd is unstable? >> >> This is what VPNs are for. I haven't really heard anything seriously >> problematic about ejabberd outside of some folks dislike of adding >> another language runtime. >> >> Whatever you decide to run internally, you're going to need to become >> knowledgeable in its administration. This is why a fair amount of >> folks are outsourcing communications infrastructure. Few believe they >> have the time to learn to manage the thing properly. > > Is ejabberd difficult to run over the internet safely?
I doubt it. But you'd want to give the docs a thorough reading to make sure you have security questions locked down properly. Off the top of my head...don't allow remote registrations (i.e. don't allow clients to create accounts). Require SSL/TLS. Always make sure you're up on the latest security patches. Beyond that, you'd have to read docs. Which is what a lot of self-described sysadmins can't be bothered to do. -- :wq