Feb 25, 2004 (03:02 PM EST)
How to Configure The Jabber Instant Messaging Server
Read the Original Article at InformationWeek
Jabber is an open source project designed to provide secure real-time messages and presence information transfer between multiple entities on the Internet. Due to the wide variety of developers who work on jabber, it is highly configurable for a range of different situations. For example, a server can be used privately by a company, or open to the public Internet. In this guide, you will learn how to configure a jabber server for a private organization, as well as how to setup some more advanced features.
Jabber is a smaller and more efficient server which is capable of being available only to a corporate network or specific users. The source code is freely available, which allows administrators to add or restrict features as they need. This flexibility makes jabber a natural choice for internal real-time communications.
Note: The jabber server is capable of being restricted to internal use only. But if gateways to other instant messaging systems are installed (such as AOL IM, MSN, ICQ, etc), users registered with those messaging systems will be able to contact users outside of the restricted site. Because the other messaging systems rely on a single central server, you cannot restrict access to those systems, you may only allow or deny it completely by installing or removing the gateways.
What is Jabber
Preparing for Installation The jabberd server is a very powerful piece of software. It was originally designed as a proof of concept project, but it has been tested with 10,000 simultaneous users. Before we jump into setting up a server, make sure that you have the following software available to you:
OpenSSL is highly recommended, especially if anyone is going to connect to the jabber server from outside your corporate network.
All three of these packages are typically installed by default on most Linux distributions. If you do not have these packages installed, you can obtain the source code from the links in the previous paragraphs. Compiling the packages is very straightforward. Simply unpack the source code, enter the software's directory, and type
There are also some network prerequisites for jabberd. Each connection to the server requires approximately 15 bits per second. A standard LAN connection on a corporate network is more than enough bandwidth to handle a large jabber server. The jabber server should also have its own fully qualified hostname in DNS. Something like jabber.mycompany.com is usually a good name to use. Finally, if you have a firewall blocking the computer that will run the jabber server, you need to open a few ports, depending on your usage. If you want to allow normal, unencrypted connections, open TCP port 5222. If you want to use SSL encrypted connections, open TCP port 5223. Finally, if you wish to use server to server communications, which allows users on your jabber server to communicate with users on other jabber servers, open TCP port 5269. If you want to limit your jabber server to a private network, keep TCP 5269 closed.
If you have users connecting from outside your corporate network, you should use SSL. It encrypts all data between the client and server, which makes it more difficult for attackers to break into. Using a VPN is also a good way to secure your communications with jabber. Most jabber clients support SSL, which makes it easier to set up a secure connection for users.
Now we're ready to move on to the installation of the server. First, you need to download the server. I will be describing the installation of version 1.4.3, which is available at http://jabberd.jabberstudio.org/. Once you have downloaded the source code, find a good place to install. Wherever you unzip the distribution is where it will be installed. I recommend unpacking the source code in /usr/local. This will create a directory called jabberd-1.4.3. Once we move into /usr/local/jabberd-1.4.3, we are ready to configure the server. Type
When it finishes, type
When everything finishes, we are ready to set up the server for your environment.
Configuring for a Private Network
Change the name
Now we're ready to start the server. Make sure that you are in the directory /usr/local/jabberd-1.4.3. All the files that jabber.xml refers to are relative to this directory. To start the server, type
The server will start, and you can use your favorite jabber client to register and connect. If it fails to start, add the
Adding Other IM Client Gateways
First, you need to know what gateway you need. There are gateways available for AIM, ICQ, Yahoo!, MSN, Gadu-Gadu, IRC, and even email. Since installing each gateway follows the same process, I will describe installing the AIM gateway, and give notes on how to install the rest. (Note: Gateways are also called transports on many jabber sites.)
Before you can install a new gateway, you need to download it. You can find a list of all the gateways at http://www.jabber.org/admin/components.php. Copy the downloaded file into your jabber directory (/usr/local/jabberd-1.4.3, for us) and unpack it. Move into the gateway directory and type
When this completes successfully, you may copy
Most gateways suggest that you run them as a separate process. This means that if the gateway crashes, it will not crash your jabber server, and users will not be disconnected. In order to do that, you need to add a service definition in the main jabber.xml file, and create another config file for each gateway you wish to use. The changes to jabber.xml are simple. Find the area near the middle of the jabber.xml file where there are many
<service id="aimlink"> <host>aim.jabber.myserver.com</host> <accept> <ip>127.0.0.1</ip> <port>5566</port> <secret>my_secret_password</secret> </accept> </service>
Once you have that added, restart your jabber server. Do this by running
<jabber> <service id="aimlink"> <connect> <ip>127.0.0.1</ip> <port>5566</port> <secret>my_secret_password</secret> </connect> <uplink/> </service> <pidfile>/usr/local/jabberd-1.4.3/aim.pid</pidfile> <service id="aim.jabber.myserver.com"> <load><aim_transport>/usr/local/jabberd-1.4.3/aimtrans.so</aim_transport></load> <aimtrans xmlns="jabber:config:aimtrans"> <vCard> <FN>AIM Transport for myserver.com</FN> <DESC>An AIM Transport for myserver.com</DESC> <URL>http://myserver.com/</URL> </vCard> </aimtrans> </service> </jabber>
The most important note is that the IP, port, and password must be the same as they are in your jabber.xml file. The
Now that you have this config file completed, you can start your AIM gateway. Do this by running moving to the
Where to go from here
Enjoy your new jabber server.
Jeremy Baumgartner (email@example.com) is a UNIX systems administrator
for the College of Engineering at the University of Wisconsin Madison.
He maintains the college's jabber and web servers as well as developing
site specific software.