XMPP (Prosody) Integration with MIAB

I had modified 10-master.conf to provide the Linux socket, created the directory /var/spool/prosody/private and put the auth socket there. I had installed prosody-0.10 and got Prosody to import the Let's Encrypt certificate. I had put the following code into the Prosody config file:
cross_domain_bosh = true
consider_bosh_secure = true
authentication = "dovecot"
dovecot_auth_socket = "/var/spool/prosody/private/auth"
auth_append_host = true
--dovecot_auth_host = ""
--dovecot_auth_port = "143"

I had set up the service record in MIAB DNS (5222 and 5269). But I don't know how to enable the firewall to allow port 222 and 5269 to talk to the world. Please help. thx

I had ufw allow 5222 and 5269 but it is not successful.

Is Prosody running and configured for the domain that users will log in with?

Yes, it is. The website is https://box.supportsystems.io and if you dig _xmpp-client._tcp.supportsystems.io srv you would get
;; ANSWER SECTION:
_xmpp-client._tcp.supportsystems.io. 1799 IN SRV 0 5 5222 box.supportsystems.io.supportsystems.io.

The above established the fact that MIAB DNS is working properly. The ports 5222 and 5269 are open at least internally and ufw status verbose also shows 5222 and 5269 are open. But Gajim and Pidgin (XMPP clients) both could not reach the server. I think there is something to do with the firewall that is preventing 5222 and 5269 from being available, but I really don't know how to troubleshoot further. thx
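One way to sanity-check an SRV answer line such as the one quoted above (an added example, not part of the original thread). The function name `check_srv` and the second sample record are constructed for illustration, and the check assumes the zone is the part of the owner name after `_service._proto`.

```python
import re

# Standard XMPP ports, as used in the thread (client 5222, server 5269).
EXPECTED_PORT = {"_xmpp-client": 5222, "_xmpp-server": 5269}

SRV_LINE = re.compile(
    r"^(?P<owner>\S+)\s+\d+\s+IN\s+SRV\s+"
    r"\d+\s+\d+\s+(?P<port>\d+)\s+(?P<target>\S+)$"
)

def check_srv(line):
    """Return a list of findings for one SRV answer line printed by dig."""
    m = SRV_LINE.match(line.strip())
    if not m:
        return ["not an SRV answer line"]
    labels = m["owner"].rstrip(".").lower().split(".", 2)
    if len(labels) < 3:
        return ["owner name is not of the form _service._proto.zone"]
    service, _proto, zone = labels
    target = m["target"].rstrip(".").lower()
    findings = []
    want = EXPECTED_PORT.get(service)
    if want is not None and int(m["port"]) != want:
        findings.append(f"port {m['port']} differs from the usual {want}")
    # A relative hostname in a zone file gets the zone origin appended, so a
    # name entered without its trailing dot ends up carrying the zone twice.
    if target == "":
        findings.append("target is '.', meaning the service is not offered")
    elif target.endswith(f".{zone}.{zone}"):
        findings.append(f"target contains the zone {zone} twice")
    return findings

# Answer line as quoted in the thread.
QUOTED = ("_xmpp-client._tcp.supportsystems.io. 1799 IN SRV 0 5 5222 "
          "box.supportsystems.io.supportsystems.io.")
# Constructed record for comparison (example.org is a placeholder zone).
CONSTRUCTED = "_xmpp-server._tcp.example.org. 3600 IN SRV 0 5 5269 box.example.org."

if __name__ == "__main__":
    for rec in (QUOTED, CONSTRUCTED):
        print(rec.split()[-1], "->", check_srv(rec) or "ok")
```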

Hi, just to keep you updated: DNSSEC and DANE are making it difficult for XMPP clients to connect to the XMPP services. There is no quick solution for MIAB (as it is heavily protected by DNSSEC and DANE).

I had done it. This is the installation guide that should work with your copy of MIAB.

I just realized the upload facility is only meant for image (PNG) files. Is there anywhere I could upload the Word document for the installation? Basically, with super MIAB stability and functionalities, we could extend MIAB to accept Prosody and thereby support XMPP.

Sorry to take so long to reply. The answer is yes, you simply create the ID in the Mail-in-a-Box admin dashboard and use an XMPP client such as Pidgin to log in.