Posted by – July 22, 2015
A few days ago we updated our ejabberd installation to 15.06. Being up to date we were able to force PFS on ALL (c2s and s2s) connections using this cipher:
Additionally we set our own DHE parameters, just because.
Update: Mati from jabber.at did a quick summary how to upgrade your ejabberd when you’re still at debian/wheezy: http://mail.jabber.org/pipermail/operators/2015-July/002645.html
P.S.: We use the Debian packages from http://debian.sdinet.de/
Posted by – December 25, 2014
Since yesterday we’re experiencing a DoS attack (DNS amplification) against our service. Our hoster informed us that there’s about 2 – 5 gbit/s of traffic.
P.S.: on ipv6 you’re good and still able to use this server.
Update (14:00h): We’re back.
Update (2015-01-03): There was another DDoS attack starting January 1st. We were fully unreachable until yesterday evening.
Up to now there are still reports that from some ISPs people are unable to connect. This might be the result of mitigating the DDoS attack and might last a few more days.
And, please don’t forget to regularly check @jabbercccde on Twitter. That medium gets updates far quicker.
Posted by – September 4, 2014
Today our steering committee took the following decision:
Unfortunately, there is no way for the server administrators to check if
you are actually the person who registered a given account – the only
information you supplied when registering was the Jabber ID and your
Therefor we won’t be giving out new passwords for lost ones anymore.
We’re going to move the jabber service to newly bought hardware tonight, this is attended with moving to a new colo site.
New hardware: Supermicro X9DR3-F, 32GB RAM, Dual Intel(R) Xeon(R) CPU E5-2609.
New colo: Nessus, Vienna/AT
New IP addresses: 126.96.36.199, 2a02:1b8:10:31::229 (just in case your DNS caches the old IPs too strictly)
Sorry if you lost your bookmarks and other information stored in pubsub, but the server didn’t want to start with them being prefilled.
We’ve now finally enabled required encryption on s2s links, so if you’re unable to chat to and see your friends at Google Talk or google-enabled domains, that’s the reason.
Posted by – April 8, 2014
Nope, we’re not affected. KTHXBYE.
Posted by – March 14, 2014
We’ll be shutting jabber.ccc.de down for at about 10:45 CET today since there are planned maintenance works at our colo’s power supply.
These might last a bit too long for our UPS to cope with the outage.
Posted by – January 4, 2014
As mentioned in https://github.com/stpeter/manifesto, we changed the server’s config to require TLS for the server-to-server links.
This might (and possibly will) destroy communications with your friends at Google Talk, since up to now they (Google) do not support TLS on their s2s side of XMPP.
Discussion about this test day can also be found at the XMPP operators list: http://mail.jabber.org/mailman/listinfo/operators
Posted by – November 18, 2013
This morning we temporarily disabled Roster Versioning (XEP-0237) since it wasn’t working and only threw client errors when requested.
Posted by – November 11, 2013
Just in case you haven’t noticed: We’re experiencing quite a nasty bug (maybe, not proven yet) inside ejabberd which leads to a) ejabberd eating all of the available memory and b) afterwards having one thread run at 100% CPU. At this time, ejabberd stops forwarding packets and accepting new connections.
Just to keep you informed.
P.S.: We do have a Twitter account that might (!) have more up-to-date information than you can find in this blog: @jabberccc.de