@stux @Bellingcat
btw. since you're hosting users likely to be targeted by a government:

After dealing with this abuse request stuff, you might want to take a look at this, if you haven't already: devever.net/~hl/xmpp-incident