snikket-server
onionmx
Our great sponsors
| snikket-server | onionmx | |
|---|---|---|
| 1 | 5 | |
| 241 | 191 | |
| 2.5% | 0.0% | |
| 8.5 | 0.0 | |
| 11 days ago | over 1 year ago | |
| Lua | Ruby | |
| Apache License 2.0 | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
snikket-server
-
Modern XMPP
Yes! That's what people do. I don't know about Traefik specifically, but we have docs for many other reverse proxies: https://github.com/snikket-im/snikket-server/blob/master/doc...
If you feel like trying it with Traefik and submitting some example config for the docs, that would be very welcome :)
onionmx
-
Configuring email service in TOR
This readme is quite insightful.
- Onionmx: Mail Delivery over Tor
-
.onion email not found
For anyone curious, onion to onion (and even non-onion to onion) works today if the involved SMTP servers know how to handle it. For example, the OnionMX project. https://github.com/ehloonion/onionmx
-
Modern XMPP
Great question! onion vhosts ([email protected] addresses) don't need that, as long as your client can resolve onion addresses (Gajim/Conversations have good tor integration, otherwise Tor's AutomapHostsOnResolve will do the trick systemwide but in that case your client may complain that the domain doesn't support TLS or with a wrong certificate).
"Advanced" connection settings is required when the vhost you are connecting to doesn't match the hostname you need to reach on the network. For example, if you're reaching your server over a VPN/SSH/IPSEC tunnel.
Another example is if you wish to login as [email protected] by reaching foobar.onion. This is useful if you want to be part of the broader Jabber federation, in which not every host supports federation over onion addresses (i'd be curious to make stats about that) but it still gives you the security guarantees of Tor when reaching your server (though not for server-to-server connections).
Onion name discovery for automatically upgrading to onion routing when Tor is available client-side is not yet specified within the XMPP ecosystem. Onion discovery in the HTTP ecosystem is usually done via Onion-Location HTTP header (HTTPS only), in the email ecosystem they use _onion-mx DNS SRV records: see https://gitweb.torproject.org/tor-browser-spec.git/tree/prop... and https://github.com/ehloonion/onionmx/blob/master/SRV.md respectively
Implementing something similar XMPP side would be easy. Prosody already has a community mod_onions, but currently only supports a static map of hosts to their onion addresses. It could use some love: https://modules.prosody.im/mod_onions.html
Another problem we face from a UX perspective for onion services is that currently XMPP server implementations are very strict about which node/resource messages are intended for, and to my knowledge none support aliasing systems as we have in the email world. In this specific example application of aliases, there's currently no way (that i know of) to have the same account across .org/.onion domains and having servers to know it's the same account in a federated manner, eg. to prevent you from adding the same person twice to your contact list.
All in all there's interesting challenges and none of them is really hard so if you'd like to get involved or just let us know about your ideas and expectations, feel free to drop by xmpp:[email protected]?join
What are some alternatives?
Movim - Movim - Decentralized social platform
mkp224o - vanity address generator for tor onion v3 (ed25519) hidden services
manifesto - A public statement about ubiquitous encryption on the federated XMPP network.
manifesto - The Extensible Web Manifesto
Prosody IM - IMPORTANT: due to a drive failure, as of 13-Mar-2021, the Mercurial repository had to be re-mirrored, which changed every commit SHA. The old SHAs and trees are backed up in the vault branches. Please migrate to the new branches as soon as you can.
tfc - Tinfoil Chat - Onion-routed, endpoint secure messaging system
manifesto - The OpenTF Manifesto expresses concern over HashiCorp's switch of the Terraform license from open-source to the Business Source License (BSL) and calls for the tool's return to a truly open-source license.