[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [DONATE]

xmpp client... please help me finding a solution

It’s almost 2020 and I’m still using xmpp (due to popularity of it, I’m forced to use it in order to stay in touch with many people, please do not suggest using different communicator).
I was using Pidgin for a long time, but lack of any sort of support for it makes it impossible to use anymore. Running more than 1 xmpp account at the time, I get spammed about 10 messages + contact request / hour. The plugins (antispam) are outdated and you can barely find working download and even if you find it - it’s broken on so many levels.
Pidgin started to get crazy for me, showing me offline buddies on contact list even if I change in settings not to do it.
I need xmpp client with OTR support. ONEMO is optional. Is there any existing software that I could be using?
I will be extremely thankful for any sort of clue
Best wishes for whonix community.

XMPP is really looking to wide-scale implementation of OMEMO and not using OTR anymore. As a result, it may be tougher to find clients that will continue to support OTR as time passes
In the meantime Jitsi, Gajim, and Xchat are a few that come to mind that DO support OTR for the time being

Quick overview:
OMEMO
will replace OTR in XMPP clients
gives perfect forward secrecy
new key for every message
messages encrypted with AES-GCM
uses device identities (as opposed to user identities)
easy to use
reasonably secure (nothing is perfect)
currently in use for XMPP

OTR
also has forward secrecy
uses AES and Diffie Hellman for key derivation
also reasonably secure
somewhat difficult to employ (opinions vary of course)
can be considered deprecated
Those are just some quick points. Since OMEMO will eventually fully replace OTR for XMPP, clients and servers will start to phase out OTR.
Also, very important: the best solution, regardless of otr or omemo, would be to set up your own xmpp server as a v3 onion and communicate that way. This way, any metadata would be in your possession only, and man in the middle potential would be eliminated.

I’m aware of ONEMO being much better encryption than OTR.
If this were up to me, I would use ONEMO only. Unfortunately, most people are still relying on OTR, hence my post. Servers and clients seems not to care about forcing ONEMO… or they take their time.
Thank you for recommendations of clients that currently support OTR. I’ll check all of them.

Any solution/idea what can be done about xmpp spammers? Pidgin used to have plugins that could blacklist some words and you could simply manage your blacklist to contain most used words by spammers, so you wouldn’t see it.

Appreciate the response, all the best

I have similar issues. I’m using several clients, depends on who I’m communicating with. Gajim for OMEMO, CoyIM for OTR, Pidgin when CoyIM doesn’t work… I tried adding the OTR plugin to Gajim and didn’t manage to.

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Investors] [Priority Support] [Professional Support]