is there a way to restrict the usage of external components to local users of the openfire server (to which the external components are connected to)?
there are external components (eg jmc, pyirct) that i do not want external users to use (ie i don’t want to be a spam or botnet relay).
i’m trying to migrate from jabberd 1.4 to openfire. with jabberd 1.4 i would just set the jid of the component to a non-dns-resolvable name (“jmc.localhost”) and local users could use it (because the jabber server knew how to route to it using the established session without resorting to dns resolution), but external users could not (because their jabber server did not know how to route to it without a dns-resolvable name). this approach does not seem possible because though the component sets the “to” attribute to “jmc.localhost”, openfire responds with a “from” attribute of “jmc.localhost.example.com” (assuming the openfire server is configured as “example.com”). i’ve looked over XEP-0114 and i can’t tell if this behavior is required (ie “The domain identifier portion of the JID contained in the ‘from’ attribute MUST match the hostname of the component.”).
the problem is compounded by the fact that i’m currently stuck with wildcard subdomains (*.example.com) resolving to the same ip address as “example.com”, so any subdomain resolves to the “correct” dns-resolvable name.
is there a server property that would disable external users from communicating with external components?
the im gateway plugin doesn’t necessitate this functionality/feature/work-around because it is only available to local users due to its integration with the server (i presume for storing user information in the server’s database) and some external components implement ACL functionality, but some don’t.