Gajim is a python based XMPP + OTR instant messenger. Its more secure compared to the complex libpurple partly because its written in a memory safe language and supports one protocol instead of a dozen.
check if above makes sense - gajim might intelligently set a Tor socks user name per account already and manually setting a user name might worsen that
Depends on what upstream answers. Does Gajim set the socks user name different per account? If it does, torsocks might kill the DNS leak, but would also kill the per account socks user name isolation.
torsocks can only be a solution, if it’s known that the application is known to play well with torsocks, i.e. long term tested, mentioned in TorifyHOWTO, audited by somene. This is not the case with gajim.
uwt is just automating torsocks. Cannot surpass torsocks in terms of leak prevention. The first question to ask isn’t uwt, but torsocks.
bindp is only useful for applications using incoming Tor hidden services, that are opening local listeners on localhost 127.0.0.1 that should rather listen on eth0.
Preferences -> Advanced -> global proxy -> mange -> Tor -> check Use proxy authentication -> set username to gajim -> set password to gajim/
It means that I have to write there my nickname, which I use for communication? And the password I used to register on the jabber server for this nickname?
How to change the language?
Meanwhile I have a suggestion on how Gajim’s traffic can be forced to use stream isolation. What if it is installed under its own user account and then you can use bindp to force all traffic for that user over its own isolated stream? Does that make sense? Can it fix things?
Another idea is to setup a local DNS server to forward requests to the port that we want (for the gajim user specifically). In that case you must be careful to disable caching so requests don’t stand out.
Other ideas in the same area: using lxc containers, namespaces or apparmor profiles to manipulate per application network settings.