From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-user+bounces-143591-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 8F7461381F3
	for <garchives@archives.gentoo.org>; Thu, 20 Dec 2012 21:30:44 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 91C1321C119;
	Thu, 20 Dec 2012 21:30:20 +0000 (UTC)
Received: from mail-ob0-f172.google.com (mail-ob0-f172.google.com [209.85.214.172])
	(using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 2436A21C09F
	for <gentoo-user@lists.gentoo.org>; Thu, 20 Dec 2012 21:28:28 +0000 (UTC)
Received: by mail-ob0-f172.google.com with SMTP id za17so3867822obc.17
        for <gentoo-user@lists.gentoo.org>; Thu, 20 Dec 2012 13:28:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        bh=LDqSJpuMFcMv3FulJCGSuDqAPuN8zvM5ka4isQawGbE=;
        b=gHWsao2aE/4/hb5+G3OpaT6pLjrBmGyzU2KiIujP5fpSuH7dctXTxJEgXfQOm1Sgh7
         GmJ+E6TsT4dYxwCU6VBQCHyuMeAfRvJL/XfTyiCLlHpZBLkdAyd+Mgu3F1aAsYnhMUAQ
         AmW7XZwcSQuoQBJ1isTtxAverwpXP/1hDze1R0WkVYhctFgF9czqnIuk/X5RWO30+8G+
         zdFCJfYyKDhJM0iL4Xk1H+aJSVUuNN6yQ0GWnhP3oUN/kikE5jgD4jg3/F7Ugb0oeYa/
         TQ0fThh9z+QXrDGgp41Rq9x3dLZ1ii8+Q8t2xNvhJgVQpWVdljAbsXU4TBpX+b4x5t2L
         TDTA==
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Received: by 10.182.38.69 with SMTP id e5mr9307771obk.79.1356038908341; Thu,
 20 Dec 2012 13:28:28 -0800 (PST)
Received: by 10.76.20.243 with HTTP; Thu, 20 Dec 2012 13:28:28 -0800 (PST)
In-Reply-To: <CAN0CFw0YgpzYkpPqPyZ7xi4AfT6BLR3yh5o3h4xW+aMgPqECQQ@mail.gmail.com>
References: <CAN0CFw1WninDPPk4PS85ojoXTP7D1=syDS7gfYYje9vEEUacwQ@mail.gmail.com>
	<50CF44B4.2050107@orlitzky.com>
	<CAN0CFw3fUnHR65MnkTFRNtPn4APHAQ-6iHnZ8XRH_AF5i5wpog@mail.gmail.com>
	<20121218031156.01923a71@khamul.example.com>
	<CAN0CFw2FP2giQveYWAm+Po7QRkvxq2ngnV10T3s3bafw7gCzaw@mail.gmail.com>
	<20121218123016.3ec9c220@marcec.hunte.us>
	<20121218145051.097c4d65@khamul.example.com>
	<20121218155745.23a3ed9f@marcec.hunte.us>
	<CAN0CFw1Xixc6zkcbjshkqpdcZC5pR1H25=FionhLH+Vj6vnm9w@mail.gmail.com>
	<CA+czFiDWg90du8X=k4e0p5_-q6CnDthdi+N=iChbnmfhNx7WSg@mail.gmail.com>
	<CAN0CFw0YgpzYkpPqPyZ7xi4AfT6BLR3yh5o3h4xW+aMgPqECQQ@mail.gmail.com>
Date: Thu, 20 Dec 2012 16:28:28 -0500
Message-ID: <CA+czFiA-x-T8Sy1SAYsDLsGgCBgJAiv-5f_WejQkjEFFTMQe4Q@mail.gmail.com>
Subject: Re: [gentoo-user] {OT} open-source: chat, tasks, resources, code
From: Michael Mol <mikemol@gmail.com>
To: gentoo-user@lists.gentoo.org
Content-Type: text/plain; charset=UTF-8
X-Archives-Salt: c403b54e-c166-43b8-a3ff-10ae7daab58d
X-Archives-Hash: a7b8c73d0f7c4a2d5ff3eba7664978c3

On Thu, Dec 20, 2012 at 4:02 PM, Grant <emailgrant@gmail.com> wrote:
>>> I should have specified that the people in the organization are spread out
>>> in different locations.
>>>
>>> It sounds like it is difficult/dangerous to run an internet-facing IRC
>>> server and ejabberd is unstable?
>>
>> This is what VPNs are for. I haven't really heard anything seriously
>> problematic about ejabberd outside of some folks dislike of adding
>> another language runtime.
>>
>> Whatever you decide to run internally, you're going to need to become
>> knowledgeable in its administration. This is why a fair amount of
>> folks are outsourcing communications infrastructure. Few believe they
>> have the time to learn to manage the thing properly.
>
> Is ejabberd difficult to run over the internet safely?

I doubt it. But you'd want to give the docs a thorough reading to make
sure you have security questions locked down properly. Off the top of
my head...don't allow remote registrations (i.e. don't allow clients
to create accounts). Require SSL/TLS. Always make sure you're up on
the latest security patches.

Beyond that, you'd have to read docs. Which is what a lot of
self-described sysadmins can't be bothered to do.

--
:wq