A 已经在我的 Archlinux 机器上测试了 ejabberd 20.03 几个星期,作为家庭中可能的 WhatsApp 替代品。我为我的用户数据库使用 postgresql 后端。直到今天一切顺利:我为姐姐创建了第三个帐户。登录没问题,我们可以互相聊天。问题来了:她可以看到我和这里儿子的聊天记录,这是/是第一个非管理员用户!他的聊天记录是明文,而我的不可读。
我没有创建一个聊天室,几乎所有的东西(除了用户认证的东西)都是默认的。我们都在 Android 上使用当前的对话。我不知道这里发生了什么...
模块部分:
modules:
mod_adhoc: {}
mod_admin_extra: {}
mod_announce:
access: announce
mod_avatar: {}
mod_blocking: {}
mod_bosh: {}
mod_caps: {}
mod_carboncopy: {}
mod_client_state: {}
mod_configure: {}
mod_disco: {}
mod_fail2ban: {}
mod_http_api: {}
mod_http_upload:
put_url: https://@HOST@:5443/upload
mod_last: {}
mod_mam:
## Mnesia is limited to 2GB, better to use an SQL backend
## For small servers SQLite is a good fit and is very easy
## to configure. Uncomment this when you have SQL configured:
db_type: sql
assume_mam_usage: true
default: always
mod_mqtt: {}
mod_muc:
access:
- allow
access_admin:
- allow: admin
access_create: muc_create
access_persistent: muc_create
access_mam:
- allow
default_room_options:
mam: true
mod_muc_admin: {}
mod_offline:
access_max_user_messages: max_user_offline_messages
mod_ping: {}
mod_privacy: {}
mod_private: {}
mod_proxy65:
access: local
max_connections: 5
mod_pubsub:
access_createnode: pubsub_createnode
plugins:
- flat
- pep
force_node_config:
## Avoid buggy clients to make their bookmarks public
storage:bookmarks:
access_model: whitelist
mod_push: {}
mod_push_keepalive: {}
mod_register:
## Only accept registration requests from the "trusted"
## network (see access_rules section above).
## Think twice before enabling registration from any
## address. See the Jabber SPAM Manifesto for details:
## https://github.com/ge0rg/jabber-spam-fighting-manifesto
ip_access: trusted_network
mod_roster:
versioning: true
# mod_s2s_dialback: {}
mod_shared_roster: {}
mod_stream_mgmt:
resend_on_timeout: if_offline
mod_vcard: {}
mod_vcard_xupdate: {}
mod_version:
show_os: false
显然,这里还有一些你没有注意到也没有提到的事情。
也许 mod_mam 已启用,并配置为默认存档所有对话。但是还有其他必要的事情发生,也许您的客户正在重复使用帐户,因此不同的人可以访问相同的帐户......