Last Updated: February 25, 2016
· fooforge

ejabberd -> Google Talk issues with Google apps domain

The situation

You have your own ejabberd server running under your own domain to chat with your friends as Your domain is also your Google Apps domain.

You're easily able to connect to users on or, but adding buddies using Google Talk doesn't work at all.

While hovering above your buddie's name in your $favoritejabberclient you get the following error message presented:

404 - Remote server not found

Road to salvation

  • You type 'ejabberd google talk' into Google and stumble upon this page on In your ejabberd configuration file you make sure that you have the following directives enabled:

    {s2susestarttls, true}.
    {s2scertfile, "/path/to/server.pem"}.
    default_policy, allow}.

  • You also give ìptables -L` a try to check whether there're any blocking iptables rules present.

  • You read about the DNS SRV issue and decide to give this a try as well. For some reason you don't know much about SRV records. You stick to the SRV Generator therefore.

By now your problem should've been resolved.

But if that's still not the case go to your Google Apps account (from GMail click on the cogwheel -> hit Manage) and disable Google Talk for your domain. Afterwards your connection issues to Google Talk users will be a thing of the past.

1 Response
Add your response

I wish I found this post from the beginning. It summarizes what I've been searching for and trying for a week, in a few lines. Only until today morning that I managed to get ejabberd work with some jabber servers (, but not with google talk.

I'm trying to get ejabberd to communicate with google talk, such that users on my domain ( can chat with users on google talk ( My domain is not a google apps domain.

When sending an invite from google talk to one of the users on my domain, I receive a Mail Delivery Subsystem mail saying:

Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the server for the recipient domain by [IP_ADDRESS of].

The error that the other server returned was:
550 5.7.1 Unable to relay for

Another thing I noticed is that when sending an invite from google talk, it first checks if any of the invited emails are using an open communications service. For users, it detects that they are using an open communications service, but not for users of my domain.

Do you happen to know about how to make this work?
Already configured DNS SRV records, enabled starttls, created a self-signed certificate for, and set default s2s policy to allow. No firewall, and can telnet to the server with 5222 and 5269. Also explicitly allowed s2s connections for,,, and (even though this is redundant with default s2s policy set to allow).

Any help is appreciated. Thanks.


over 1 year ago ·