Slashdot Mirror
Good Open Source, Multi-Platform, Secure IM Client?
Phil O. writes "I work for a company with 30+ locations across North America. Some offices have hundreds of employees; some only a dozen. We're looking for a secure, multi-platform IM client we could implement across the organization. One group is pushing for Microsoft's solution, but it has a number of drawbacks (including cost). What other options are out there, and what has worked well in similar situations? Security is a big concern for the company."
IBM's Lotus Sametime is very good I think. No idea how much it costs though, probably not cheap and it isn't open source.
Jabber server, pidgin clients, and http://pidgin-encrypt.sourceforge.net/ for security. Really it's a shame this even made it to slashdot. Can't anyone google anymore?
talk
http://www.pidgin.im/
http://en.wikipedia.org/wiki/Pidgin
http://www.cypherpunks.ca/otr/
I'm betting www.jabber.org will be echoed over and over in the responses. Considering Google uses it to power Gtalk I say its scalable.
http://silcnet.org/
Microsofts solution is NOT multiplatform. Anything that runs jabber protocol has a multiplatform client.
So how about Pidgin with the OTR plugin? afaik you can't get more secure than OTR with IM, and it's available for a few different clients.
You could try recommending Pidgin with the Off The Record plugin. I can't say I've personally gone through the code and verified all of its claims, but the plugin looks promising, and it's easy to install.
We use the Openfire server (www.igniterealtime.org) with the Spark client over several offices in different states and over 3 different platforms. SSL is available as well (which we use).
So far no problems beyond user error. I'd recommend it.
Pidgin + Internal Jabber servers did it for us.
http://www.jabber.org/web/Servers
http://arch.jabber.com/archives/2004/04/000096.html
Use Pidgin with OTR. It is a good balance of security and convenience, you just need to be careful about not having your hardware stolen (OTR keys are not symmetrically encrypted the way PGP keys are). You might be able to resolve that by also using whole disk encryption...
Palm trees and 8
Spark Client and Openfire Server
igniterealtime.org
I've never actually implemented Jabber before, but it seems like the obvious answer. You should be able to set up your own server without paying any software costs, and use GAIM/Adium. I think encryption is supported, but it's slightly less of a concern if the traffic never leaves your own network.
Actually, depending on your requirements, you may not want clients to encrypt traffic, so that you can log and archive it.
I would go about your problem by first separating the client from the actual protocol. If you are worried about cross platform I would of course go with an XMPP solution. You can do the following:
- Run an OpenFire server Here
- Pick from a slew of XMPP clients but I would problem pick the Spark IM Client (Same people as the OpenFire software)
This way you don't have to worry about Client A working with Protocol B across Windows/Linux/Mac.
Using XMPP is also an easy way to control your IM facilities as you can create an organizational system for creating names such as using email addresses as screen names and not have to worry about Bob from Accounting using PiMpMaSta23.
I would evaluate OpenFire and the Spark IM client and see if it fits. The server is very easy to set up and administer. You can also use Pidgin or Psi as XMPP clients although I think Spark is the most professional looking of the three.
Turn based strategy game that runs over XMPP. Phalanx
I've heard good and bad things about Skype. They say that they have encryption, but other "security experts" have said that it's not secure enough for businesses (however, I have no sources to that effect). I use it on occasion to talk to fellow employees, and I like the features it brings (such as the video conferencing capabilities), even if the interface is ugly.
Then again, skype is more voip than instant messaging, so it may not be what you're looking for. Still, I'd consider it (despite its problems)
"Intelligence has nothing to do with politics!"
-Londo Mollari
Everybody is saying "Pidgin", but a client won't do you any good without a server to connect to, and if you really care about being secure, you shouldn't trust any third-party server that is publicly accessible.
You should probably set up your own Jabber server; I recommend Openfire, which is open source, easy to install, and pretty powerful. It is possible to mandate that all clients must use encryption to connect, which will do a pretty good job of keeping things secure, and you can use any XMPP client that supports encryption. If you don't want even the server to be able to read your messages, as others have suggested, installing an OTR plugin for your client is the way to go.
Karma: Terrifying (mostly affected by atrocities you've committed)
Pidgin is portable, under active development, works for multiple IM protocols, sports a healthy collection of plug-ins that augment its functionality -- include OTR to provide relatively secure messaging services. It's not perfect by any means, but I've deployed it across a 150-person organization and found that it more than met their needs. So if you're going to spend money -- not that you need to -- one possible course of action is to try pidgin, identify any issues that are causing you problems, and negotiate a deal with the developers: make a contribution to fund the development, which in turn not only benefits you but the entire rest of the user community.
Why not IRC?
Give me Classic Slashdot or give me death!
I'd have to say if you are a big company or so it seems, and security is your biggest concern. Wouldn't you mind paying money for a solution that has a company behind it. If microsoft's solution does not provide multiplatforming, look somewhere else. Wouldn't you want to pay a few dollars to have the piece of mind to know that the security of your company is safe.
What about looking at Sametime ? Multiplatform, secure, Java based and supports voip, webconferencing, sharing of apps and a whole bunch of other plugins. www.ibm.com/sametime.
Jabber Security:
http://www.saint-andre.com/jabber/Security.pdf (fair warning: annoying pdf)
ejabberd:
http://www.ejabberd.im/
Skype? Since when is Skype secure man?! Have you read Slashdot?
Skype has backdoors and Austrian government bragging about how they use it. Why would you think others cannot use these backdoors too?
I have used this combination at two jobs now, it supports multiple offices and also has LDAP integration if you wanted to hook it up with Active Directory. There are also a handy assortment of plugins available.
I set up a truecrypt partition of a few megs to autoload on startup (with password) and then set my pidgin application folder inside that partition so that i can save all my logs, but have them password protected.
ejabberd ( http://www.ejabberd.im/ ) for servers (the service can be clustered), psi ( http://psi-im.org/ ) for clients. Forced TLS and/or (Open)PGP-Keypairs for security.
Finch is great because it's command line. It supports almost all IM clients even IRC.
Novell GroupWise Instant Messenger is secure by default. It has its own client or you can use Pidgin. The server is not hard to set up and get running either. (Disclaimer, I work for Novell.)
SupraBrowser
It's a secure, threaded IM client (all socket communication 3DES encrypted with a zero-knowledge proof SRPP), written in Java, that runs on Linux, Mac, and Windows. It was developed for the hedge fund industry in Boston. I developed it initially, but it's mainly being maintained, not developed further because we don't receive any new feature requests.
Don't let the extensive features fool you. It's primarily a secure, threaded IM system. The other features were added (email gateway, auto-forwarding to email, embedded web browser with sophisticated tagging engine) based on its being used *very* heavily every day and requests coming from highly advanced users of the system.
There is also a Firefox plugin that integrates with it, as well as a pure ajax client written in the Eclipse Rich Ajax Platform.
Feel free to contact me personally for any details or help setting it up. The release on sourceforge assumes fairly good technical abilities (building it from ant, getting xulrunner to work with javaxpcom) and is not a general packaged release. However, it is running many places in production.
suprasphere@gmail.com
David Thomson
Why does it have to be opensource? Do you intend to develop code/patches for it?
BeauHD. Worst editor since kdawson.
silc is a good fit. Array of clients for Mac/Win/Nix easy to setup and use.
You can setup the thing completely in-house (you don't have to trust a contractor), or you can opt for a canned solution (for example Jabber, Inc., http://www.jabber.com/, they do provide everything for big and small companies, and are backed by Cisco). It uses SSL/TLS for secure connections both between clients and servers (C2S) and between separate servers (S2S), with full support for certificate authenticity checking, and even PGP/GPG encryption between the users, should they need to exchange really confifental data that even a rogue company server admin shouldn't be able to intercept (message encryption, pretty rare among proprietary protocols, but happens), or be sure that joe.the.boss@company.com is really Joe, their Boss, and not someone who just happend to "borrow" their laptop at the airport (signed presence, something, AFAIK, no other protocol provides). There are XMPP servers and clients for almost every platform possible, open-source or commercial, the protocol is open and approved by IETF for IM-style communication.
I won't give you any specific names, but I believe it wouldn't be very difficult to find a few *very* big companies using XMPP to prove to your boss that it's being used like this by big players in the industry.
And, frankly, that's the only open solution to your problem.
This is Slashdot. Common sense is futile. You will be modded down.
Read? Who reads anything on here? I only post.
My blog
It can replace your Exchange server for email, has an XMLPP IM server built-in, and is much more cost effective and easier to administer than Exchange.
Why not use irc or jabber over an SSL connection? Most clients already support it and it allows you to have as many groups as you want at a time.
When I was considering IM solutions for my company, I was looking into SILC, as that lets me run my own servers in addition to keeping traffic encrypted. I know that wasn't part of your original question. But it may be something you want to look into. Pidgin apparently has SILC client support built-in as well.
Dont know much about it, but it appears to support encryption straight from the transport level with no kludges like OTR.
Looks open source too.
Psi and a Jabber server of your choosing would do.
Psi is fully multi platform, supports various encryption options. It isn't any harder to setup and install than any other corporate instant messaging system.
Additionally, there is no cost involved.
Change is certain; progress is not obligatory.
"More Skype Back Door Speculation ."
Not saying Skype is secure or anything, but do you have any hard evidence, or facts?
Nobody on slashdot would typically suggest Novell for anything. Patent issues, selling their soul to MS, working with mono, You should know better.
Pidgin + OTR + Jabber server if needed = good solution, open source, no software costs of any kind (only hardware).
I would recommend the open source OpenFire server. Install it on your own server, then set the preferences to force SSL connections. Then communicates passed between clients on any platform are SSL encrypted. Turn off local client logging for better security. Beyond that, it's all client-side stuff that doesn't port as well.
Nicodemus
Last sentence of my link, next time try to read more than just the title.
Can any of the IM save the ENTIRE voice-chat session?
I need both incoming and outgoing voice saved. (A plain old wav file is fine.)
Thx
"More Skype security Speculation."
Do you have any evidence that the Skype protocol is secure?
Note, Obscure != Secure.
next time try to read more than just the title
But my "Slashdot User's Handbook" says I'm not supposed to!
Anyway, I was wondering if there was any papers or anything to follow up that post. Something that would move it from speculation to truth. There's some papers in the comments linking to notes about obfuscating against reverse engineering. The last sentence just said the Austrians claim they can easily listen into the conversations.
How did miranda make it into the tags? I'm in IT at a company of about 270 people, and one single Miranda client is enough to bog down the server thanks to malformed data that it sends.
When I am king, you will be first against the wall
With your opinion which is of no consequence at all
I have been a fan of the Spark Client and Openfire Server as an IM platform for quite sometime. They are built on the XMPP and Jabber protocols. After being in a corporate environment before, I know it's hard to convince management to go with an OSS solution as they seem to think that if it doesn't have a price tag, it's not secure. The Spark/Openfire platform come in an 'Enterprise' flavor with support to appease management as well. Both the client and server are built on a plug-in style architecture, so it's pretty easy to include your own software add-ins. There are really too many features for me to really go into though.
Gale -- http://www.gale.org/
It's secure, easy to set up (including both client and server), and there are multiple clients for it, including both command-line and GUIs, and for both Linux and Windows.
All messages are cryptographically signed (unless the user chooses to send anonymously), and messages can be either plain-text or encrypted, depending on who they're being sent to.
i too will say jabber for the mod points
Pidgin's a great client for personal use. I use it and like it a lot.
Sure, they can set up a Jabber server of their own, then connect to it with Pidgin and use one of the encryption plugins for security but I doubt an organization that is concerned about secure IM is going to be interested in a solution with so much possibility for the users to start adding their own personal, outside, public IM accounts.
I would say Jabber server with any jabber only client which supports encryption and can have it's config locked down. Of course, they can block access to outside Jabber servers with a firewall but why not stop them from trying in the first place too.
IM client security? Pshaw. None of the IM client vendors give a whack about security; Viruses and trojans abound.
What do you want security for? If what you want is corporate security, consider using pidgin, setting up a corporate jabber server, and locking all other IM services out.
http://concentric.com/business_messenger_im.php
If you want an out-sourced solution, Concentric offers this one. Seems to meet your requirements.
(full disclosure - I work for them)
Multi-platform =and= multi-protocol.
I suppose it's a question of "How secure does it need to be?" If it's launch codes, then I would be uncomfortable with any IM type exchanges, send a messenger in a tank for that. If the company we're talking about is "Del Taco corporate offices" then Skype is probably "secure" enough that Taco Bell wouldn't bother.
I'd be curious as to the general consensus as to what the chances that if say Pfizer were to be communicating trade secrets via skype or messenger, that those messages would be stolen by another pharmecutical or other entity? Or is "secure" more for preventing computer systems from being compromised by hackers or viruses rather than competition? It's all good to say that the australian government can listen in on your skype conversations, but aside from your rights being eroded, what are some of the more tangible risks?
Why Oh Why can't you use Google like the rest of us??? http://ask.slashdot.org/article.pl?sid=06/06/14/0118232
That's true. I have tried to Google, but that is not really yielding satisfying results. I have come across several sites mentioning backdoors in the protocol or the program exploitable by government or someone else. Those are just rumours. However, via the Skype wiki I found a website detailing the leaking of a German report to the German 'Piraten Partei'. I have read it and it seems to be a quote of sorts for "Skype-Capture-Software" and several options, including SSL decoding and the installation of it all. It also mentions two proxy-servers to hide their own IP adresses, but there is no price given. So all in all, this -- as far as I could find -- is the most concrete evidence supporting that Skype is in fact not secure.
Plus, pidgin is portable.
http://portableapps.com/apps/internet/pidgin_portable
Upward mobility is a slippery slope - the higher you climb the more you show your ass.
Anyone recommend one?
Would make it simple to role out and update/manage.
I've seen flash based IRC working ok.
I'd like to mention that unfortunately pidgin doesn't support some of XMPPs more uncommon features very well.
For instance connecting the same account from different computers at the same time is solved by XMPP via resource identifiers and is incredibly handy, but pidgin lacks the option to set the priority so you can't control where the messages arrive.
Anybody knows if there is work done in this direction?
Personally i think the perfect client for XMPP is Psi, the only thing i've missed with it is OTR support. Though it might not be best suited for the average DAU.
I run half a dozen jabberd servers (and one jabberd2) and use PSI on windows machines for clients. I also generate the user rosters myself with some nifty scripts so that users always see everyone else in the companies.
Not speculation
In this case, for once, I have to say just use a commercial solution. Maintaining your own servers is expensive, and supporting it is a headache your IT people don't need. Just go with Skype if you want video and free phone service as well, that is very multi-platform. It's not open source, I admit, but it works well.
If security is of the utmost concern you like imply, then SILC is the way to go: Designed from the ground up with cryptography built into the protocol, scalable and has very easy server configuration. Access can be granted or revoked via public key authentication. Unlike other suggestions I've seen on here, transport security isn't just an add-on to a cleartext protocol, it *is* the protocol. And it's is end-to-end encrpytion, not just client-server. It is supported by Pidgin and numerous clients on most operating systems, and due to it's MIME protocol-support very extensible so it can even support voice, video and picture messaging. As far as clients go tho, Pidgin is not the most secure of them, but it is multi-platform and multiprotocol, and probably the most ubiquitous one as far as multiplatform IM-clients go. However, it's well known that putting all your eggs in one basket, or in this case, one IM-client, can expose your entire organization to problems when one shows up. So from a security standpoint, you might want to consider supporting a couple of clients. My two cent.
C'mon now, I can't believe no one has bothered to mention an SIP server.
Absolutely, positively the way to go because there's multimedia capabilities in there ready to go.
http://www.opensips.org/
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
Openfire is a great server that we use for our internal IM. As for clients, I personally like Psi. It is cross platform and supports openpgp.
But my "Slashdot User's Handbook" says I'm not supposed to!
Ha! Nobody's read the handbook!
This comment is fully compliant with RFC 527.
At our office, we were using IRC for many years. We recently rolled out a jabber/xmpp server, Openfire, and associated clients for the users' platforms. It's secure, and full-featured.
Anything that is Jabber/XMPP based will support a wide range of clients and has the ability to use SSL. You not only can encrypt SSL traffic, but a good server will allow you to require clients that connect to have a known and valid certificate. And the server must have a certificate that is known to the client. It's only as secure as your process of distributing the certificates.
For a client there are many. Coccinella has a nice whiteboard features that I have found useful in the corporate world. But Pidgin, Miranda and others are fine too. (I also use centerim in a screen session of all things)
“Common sense is not so common.” — Voltaire
Are you serious?? Openfire for the XMPP (aka Jabber) server, and Pidgin for the client. If setup correctly, you can force SSL/TLS encryption. I've implemented this at my company and it's rock solid. Beats the hell out of any proprietary solution you'll find, if IM is your main goal. I'd recommend setting up XMPP service DNS records for your domain for a really slick implementation.
Actually, depending on your requirements, you may not want clients to encrypt traffic, so that you can log and archive it.
Exactly my thoughts.
I'd recommend IRC. Set up one IRC server per location and tunnel inter-office connections over ssh or ssl [have a look at stunnel]. Whether to encrypt intraoffice communication depends on local requirements, but again there's stunnel.
If employees don't trust each other or the sysadmins, your organization probably either has serious problems, or it's the DOD.
Use a Jabber server, there are many out there, and it also offers the benefit that you can split the service up into subdomains, ie your larger sites have their own local jabber server but can communicate with the others, so you have for instance:
user@newyork.yourcompany.com
user@london.yourcompany.com
You can also open it up to the outside if you want, and you can also make people's jabber id's match their email addresses...
For clients, being an open standard you have a huge choice of clients, pidgin is good and cross platform for instance, try a selection and see which one suits you best. Same for the server, try a few and see which works, if you have multiple servers there's no reason for them all to run the same software, and similarly you don't need everyone running the same client.
And of course, being an open standard you are free to change clients and servers whenever it suits you with minimal disruption, and supporting new devices will give you the widest choice - there are jabber clients for every significant OS and most mobile or embedded devices.
Incidentally, i doubt microsoft's offering satisfies your "cross platform" stipulation.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
How much more is it secure, dude ? Please explain.
Give GroupWise Messenger a chance in your evals, it's a very small server that is very light weight on the hardware and can server millions of users. It has a windows client but works with Pidgin (Linux) and Adium(Mac).
Made by Novell.
-JPM
This is what http://www.silcnet.org/ is for.
SILC (Secure Internet Live Conferencing) protocol: designed to provide most rich featured conferencing services and high security.
I think he means 'Yahoo' it
Scary story: I was listening to the radio and there was an ad for yahoo homepage, and they claimed that you should use their service because they have "search as you type". Apparently they didn't realize google has this too?
I like the Openfire server with Spark client myself.
Although Sametime itself isn't open source, the newer versions are based on Eclipse (as are the more recent versions of Notes). Whether or not the overhead of running an instance of Eclipse to handle IM is a good idea or not is up to you.
I'm willing to take the -1, Flamebait on this:
Did you even -think- about trying, oh, say, a web search on this?
Google is pretty good, I suggest you try it.
What a pointless Ask Slashdot.
If firefighters fight fire, and crimefighters fight crime, what do freedom fighters fight? - George Carlin
I pitty the foo who don't use Webcrawler!
You can't take the sky from me.
there is gale which is secure, protocol based, distributed, and quite nice all around.
http://notanumber.net/
It seems like a serious environment. In that case he needs features like screen sharing, multi-way chatting, integration with the email client (setting up meeting also requires other stuff really), and at least extranet user gateway.
No, there isn't anything open source offering all that. So it's not really matter of "Can't anyone google anymore?". The question is valid, he probably already knew about jabber & pidgin & co, but was hoping for something that actually could be used too.
Does this mean we can finally stop arguing about whether or not Mac OS X's marketshare helps it remain "secure"? I kid...
While Skype is a cross platform IM tool, the one shortcoming I find with it is the Linux client does not support Video.
Is there a solution for cross platform video conferencing?
being vague is almost as cool as doing that other thing...
The goal is for people to have a standard way to communicate, not to pick a standard tool. Standardize on a multiplatform protocol (MSN, Yahoo, whatever) then pick a "best of breed client" for each platform (windoze, mac, linux, etc.)
Do not force people on different platforms to use the same application. You'll be fitting them to a Procrustean bed.
-- "At Microsoft, quality is job 1.1" -- PC Magazine, Nov. 1994
The US Defense Information Systems Agency (DISA) publishes security guides on many different subjects, including one on instant messaging. It's fairly generic, and applicable to lots of different protocols and products. If you want to deploy an IM solution securely, then you'll want to consider some of the recommendations as a starting point. About half of the recommendations are DoD-centric, but the rest are generally pretty good for everyone. It's publicly available here.
Note, Obscure != Secure.
Tell that to the military. They've been wasting billions on some crap called "camouflage" for years now.
I use CenterIM, formerly called CenterICQ.
It's ncurses based, so it runs in any real computation environment. It supports Yahoo, ICQ, AIM, MSN, Jabber, IRC, Google Talk, Live Journal, RSS feeds and more!
It's a wonderful client, tiny footprint, and it runs where programs belong, on the command line!
I am the penguin that codes in the night.
No software should have that problem. If it can't handle it, it should reject/drop the message, not crash (preferably with a substitute message saying message was dropped because sender.
Not confirming the Sametime behavior described, just speaking from experience of many many instances of developers feeding me BS about how they shouldn't have to tolerate some condition or another as it is artificial and stupid, not acknowledging a DoS as a serious problem.
XML is like violence. If it doesn't solve the problem, use more.
There is no version of Pidgin for OS X, you may install it (using Fink) but it is unsupported.
There is however a port called adium
http://retroshare.sourceforge.net/
is the only true crossplattform serverless secure IM-client out there.
We're talking about secure IM solutions for an organisation here. That pretty much rules out everything that doesn't involve running your own private IM server. In other words, you're left with Jabber, and Microsoft's exchange-based balls-up solution. My vote's for jabber.
http://psi-im.org/
Holy crap! You're a genius!
Tomorrow I'm going to go to the office and disguise the server rack as a refrigerator. Then my data will truly be safe, because even if a hacker does get in, he'll never believe there's any valuable data in a cheese sandwich.
I hate printers.
http://sip-communicator.org/. This client works extremely well and is sip-based.
What? Am I the only one who then RTFH??
At the risk of being modded redundant, I would like to throw in my vote for Pidgin on Linux and Windows, with the OTR plugin for rock-solid encryption. Adium is the equivalent on Mac OS X, as it is based on the same libpurple codebase and also does OTR. Set up the jabber server of your choice behind your firewall, require VPN access, and you're set. Works for me and my org...Mac, Windows or Linux.
:q!
Forget all the others. SILC offers an enterprise level amount of protection, it's also compatible with Pidgin
http://silcnet.org/
Back in the early 90s a bunch of friends started a MUD. After MMOs basically destroyed the text gaming world, nowadays we use it for a glorified chat room, IM system. Oh and we occasionally play a few games of cards or such. The latest MUD drivers support SSH. You could pitch it to management as a 'less graphically intensive, secure, and private second life experience'
This has probably been said already, but it deserves being said often and loudly: Do not standardize on program code, standardize on a protocol. That way, any conformant application can be used.
A way to start is jabber+OTR, but other IM protocols plus OTR might work too. Or perhaps irc/ssl. There are a couple of options.
More importantly, you may have to narrow it down to clients that support automatic setup of otr connections and that can be forced to refuse connections when "buddies"' clients don't support OTR but should (co-workers with misconfigured clients, impersonation/snoop attacks, etc.).
Also: don't forget that encryption still requires user discipline and user education. Security is hard and we don't know how to make it pervasively transparant yet. But that's another issue.
I've been administering a Zimbra installation for 3 domains for about 4 months after 10+ years doing postfix/IMAP admin. When they say you can replace Exchange with Zimbra, that is only partially true. If your users are addicted to Outlook, get prepared for lots of issues as long as you let them think they will have full functionality. They won't. It isn't an easy swap. In my installation, using the free Zimbra version, Outlook works for email only, no enterprise calendaring. Further, with every thick client that I've tried that wasn't the Zimbra java-memory-hog, there was no enterprise calendaring. It does support iCal, so for small teams you can get away with sharing your calendars, but for an enterprise, no client is my recommendation. The ajax web client is really amazing. Drag and drop all over the place. It is unbelievable this is free stuff.
All my users use the web client instead of outlook now and they aren't complaining anymore. This weekend we're enabling the jabber server for remote IM. We've been using the web IM for months, but we all prefer Pidgen instead. As long as it is built in and over SSL, I don't see any issues - well, we'd really like desktop sharing too, but that's a different issue.
We have a pretty small installation, 200 corporate users on Zimbra, nearly all addicted to and using Outlook.
We haven't had many problems, most of the problems we've had are with sharing calendars and contacts. It works fine, but not when the share is initiated through Outlook, the initial share needs to be done from the Zimbra web UI.
Aside from that, users seem pretty happy with Zimbra, most don't even know it's not exchange.
We're not running the free version of Zimbra for the very reason you suggested, it doesn't support the Outlook connector. The Outlook connector is key in a shop full of MS users, it gives them full email + calendar + contacts integration with.
Uses XMPP under the covers, is reasonably robust, secure, and logs everything (for both "what'd he say again?" purposes and corporate accounting purposes). Integrated virus scanning, etc, etc, and comes with Windows, Mac and Linux clients (or use your own XMPP if you want). Best of both the OSS and proprietary worlds.
http://www.barracudanetworks.com/ns/products/im_overview.php
For real.
Mod parent motherfscking hilarious!
IIRC, the biggest problem about skype in this case is that its license explicitly forbids commercial use. At least w/ the free version.
Does having a witty signature really indicate normality?
RTFH?
Anyone know of cross-platform serverless IM clients other than RetroMessenger which doesn't seem to have released anything since it's initial debut.
tkabber is TCL/TK, so its cross plataform.. its also very complete and stable...
the only problem is that the gui is more simpler than others...
Higuita
It just goes to show you that all it takes to break encryption is to produce an obscure PDF of a badly scanned document from another country filled with seemingly made up words of increasing length like Staatsanwaltschaft, Ermittlungsverfahrens, and Telekommunikationsüberwachungsmaßnahme.
No existe.
For all the end-to-end encryption in the world, Pidgin is not secure.
Since you can't interface it with LDAP or Active Directory policies, users will just end up using the "Save My Password" option when logging in, which writes the password to disk in plain text .
Bitwise is pretty decent: Windows, Linux, Mac; encrypted, whiteboard, voice, peer-to-peer, basic version free. http://www.bitwiseim.com/index.php/
If you use Jabber (XMPP) you don't care what the client is. You can use pidgin on Windows, Adium or ichat on Mac, etcetera.
Just stay the [deleted] away from Microsoft's stuff. Their only nonwndows support is a web applet.
It supports everything include Sametime.
Seems everybody's beating up on you for asking a question. Notice the loud ones didn't read very well. They scream pidgen!.
The person is looking for something that will run on any OS. Pidgen won't. Yes it is a great client on Linux or Solaris but! it don't run on everything.
We use Java Messaging's IM. The client is a Java app that downloads from a web site. Uses either SSL or TLS for encryption. It also comes in different languages. Runs on any OS with Java Runtime.
Holy crap! You're a genius!
Tomorrow I'm going to go to the office and disguise the server rack as a refrigerator. Then my data will truly be safe, because even if a hacker does get in, he'll never believe there's any valuable data in a cheese sandwich.
Um, good one! But if you're replying to the parent comment as it appears, then you missed the joke.
Note, Obscure != Secure
What the commenter said here was "obscure does NOT equal secure."
[Obligatory]Then again, a beowulf cluster of servers disguised as fridges would be pretty sweet.[/Obligatory]
IRC is a great way to solve this - that's what we do... It's secure (runs in our network), people can use what ever client they one, it solves the issue of some people using yahoo, others using gtalk, etc, without having to create an account on each service. Groups or projects can create IRC channels as needed. It works nicely.
First I've heard of OTR. That strategy would helpful for some situations, but sounds like it might not be compliant with corporate legislation such as SOX. Anyone dealt with this question yet?
Kopete, which as of KDE 4 *should* compile for multiple platforms. It has a plugin architecture, so should support secure messaging as well.
How come nobody has mentioned Psi?
http://psi-im.org/
It's a multi-platform jabber client that looks a bit more polished then pidgin. Other than that I can't actually attest to how it compares, but a google search or two showed that it is pretty well liked.
"how can they call it a MINE if everything here is THEIRS?!?!" -Straight Jacket
I'm told by l0s3rz that the handbook instructs you to not read it.
Us cool nyrds know not to read it. It's almost certainly a trap! (or at least a catch block)
I too have to put in a good word for Openfire. I've been using it in a small organization for a couple of years now and I have an instance running for my personal domain, it hasn't ever given me any problems. Took me a little bit of effort (had to read a couple forum posts!) to get it talking to our specific ActiveDirectory setups but that was more due to my tweaking before RTFM. But now we have it setup so that everyone in the company authenticates via ActiveDirectory and has everyone else in the company in their group. Larger companies wouldn't want to do an autogroup for the entire company, but a small office or a group can easily be configured based on a given ldap query.
Really, Openfire is awesome and free, if you want/need support they'll be happy to sell it to you, and they provide some commercial products for larger companies that you might be interested in, we're too small to bother with their commercial offerings so I have no experience
Spark wasn't my cup of tea, but since its all XMPP, you can use whatever client you want, I use pidgin in Windows.
I too am not affiliated with Wildfire, but they make a very good product and have made it free (including clustering of servers) so they deserve a good reference at least.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
hmmm...building private beowulf cluster inside of some old fridge...
Genius; pure genius...
One that hath name thou can not otter
We use Waste on our PCs and Linux boxes. One group in our organization still uses VIA's version which has source code available if you look hard enough. Waste gives you chat, file-sharing and traffic leveling to defeat traffic analysis. It does require one fixed IP address.
If your corporate legal department tells you that the Sarbanes-Oxley rules require you to keep records of all your instant messages, then the Off-The-Record instant messaging system is not what you're looking for. But most people probably aren't subject to that kind of regulation.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
You could pick your client first and then use its protocol, but it's much better to pick your protocol first and then pick one or more clients that support it. The two interesting open protocols out there are Jabber's XMPP, and SIMPLE, which is part of the SIP protocol family (mainly used for Voice over IP and also video.) Do you want to integrate your IM system with your voice system (since that's already maintaining a presence server)? SIMPLE may be a better choice. Not using an open VOIP platform? XMPP may give you more choice of clients.
One real benefit of the last Jabber system I used was that our corporate firewalls were set up in a way that could support IM sessions from either inside or outside the firewall, so I could stay connected to IM from home even if I wasn't using the corporate VPN. (Unfortunately, our current internal IM client is something the IT department homebrewed a few years before our merger, runs some homebrew protocol, and can't pass through the firewall - but it does give you lots of choices of automatically-converted-from-text-to-graphics emoticons! :-) ;-| :=( At least the stuff we sell to customers is something standard, I think Jabber.)
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Maybe, maybe not...
but Yahoo had it first. And they do it better.
I run it in our branch office.
http://www.igniterealtime.org/projects/openfire/index.jsp