The problem I currently have is that admin@rhel55 can send requests/IQ stanzas to user@centora. I want to filter any and all cross domain chatter (nobody from host centora can send information to domain rhel55). Is there a way to limit all cross domain chatter?
I have a server installed and configured with the following:
{hosts, ["rhel55", "centora"]}.
...
{host_config, "rhel55", [
{odbc_server, {pgsql, "postgres.domain", 5432, "rhel55_db", "rhel55", "rhel55"}},
{odbc_pool_size, 20},
{odbc_keepalive_interval, 120}
]}.
{host_config, "centora", [
{odbc_server, {pgsql, "postgres.domain", 5432, "centora_db", "centora", "centora"}},
{odbc_pool_size, 20},
{odbc_keepalive_interval, 120}
]}.
...
{acl, admin, {user, "admin", "centora"}}.
{acl, admin, {user, "admin", "rhel55"}}.
{acl, local, {user_regexp, ""}}.
{access, max_s2s_connections, [{0, all}]}.
{access, max_user_sessions, [{1000, all}]}.
%% This rule allows access only for local users:
{access, local, [{allow, local}]}.
%% Only non-blocked users can use c2s connections:
{access, c2s, [{deny, blocked},
{allow, all}]}.
%% For all users except admins use "normal" shaper
{access, c2s_shaper, [{none, admin},
{normal, all}]}.
%% Only admins can send announcement messages:
{access, announce, [{allow, admin}]}.
%% Only admins can use configuration interface:
{access, configure, [{allow, admin}]}.
%% Admins can send anything to anyone
{access, mod_filter_iq, [{allow,all}]}.
{access, mod_filter_message, [{allow,all}]}.
{access, mod_filter, [{allow, admin}, {restrict_others, all}]}.
{access, restrict_others, [{allow, admin}, {deny, all}]}.
I think you want something
I think you want something similar to example 5 of http://www.ejabberd.im/mod_filter