My XMPP Public Servers List
December 14, 2021
A list of free public XMPP servers to use for your secure messaging. Get the best anonymity, privacy, and security servers researched by me.
What is Jabber/XMPP?:
Jabber/XMPP is a decentralised instant messenger using the open source XMPP protocol, there is no central server that could be compromised, the multiple nodes construct a resilient and hard to monitor infrastructure. Dozens of XMPP servers, encryption and its open source nature make XMPP much harder to wiretap or shut down than cloud based Google Hangouts, Yahoo Messenger or Skype, all USA companies known to have a NSA backdoor.
One of Jabber/XMPP main vulnerabilities is that the server you are connected to is not trustworthy, this is a list of XMPP servers with the best privacy policies:
- 5th July XMPP: Swedish privacy foundation promoting free speech worldwide, in between other services they provide an open XMPP server with Off-The-Record Messaging (OTR) support, hosted in Sweden and with logs tuned off. They warn you that file transfers are not encrypted, only text conversations are.
- Calyx Institute: A not for profit privacy and cyber-security foundation running a public Jabber/XMPP server that does not create any records of who you communicate with or keep logs of the content of any communications, this server forces you to use OTR, Off-the-Record Messaging, a cryptographic plugin that stops the server administrator from accessing plain text of your communications.
- Dismail.de: Free public server located in Germany, you can register for an account using the web interface or your Jabber client. The privacy policy is very clear about how long for each one of your details are stored, metadata has to be saved for Jabber to work, it would be impossible to communicate with your contacts without saving who they are and your Jabber ID is of course also saved. Personal details like the IP address used to create the account and the files you upload are erased after a month.
- Jabber.at: This XMPP server does keep logs, but I am adding them to the list because they are very clear about this, indicating how many days logs are kept for and what the content. For example the IP used to register an account, chat messages and file uploads are all kept for 31 days. The administrator indicates that they are based in Austria and according to local laws he must and will hand over logs for any crime that carries more than 1 year in prison. A transparency report with the number or court orders received to hand over logs is posted yearly, to be found in the privacy section of the website.
- Neko IM: Running a public XMPP server located in Norway, they claim that no more information is collected and stored than what is absolutely necessary, TLS everywhere is enforced and Jabber clients need to support a strong cipher or they will not be able to connect to the network. Being a free volunteer run project, this server uptime comes accordingly to this and no guarantees are made about uptime other than “as much as possible“.
- Countermail: This is a paid for service from a Sweden based email privacy company that provides the XMPP server xmpp.counternet.com with TLS and SSL encryption only available to email account holders. The username and password are randomly generated, you can not create your own, however, all XMPP clients supports “alias” or “display name” that you can manually set up and this is what other Jabber users will see.
XMPP servers in Tor:
- OTR.im: Free anonymous Jabber service with a Tor hidden node, connections are encrypted with a Let’s encrypt certificate. This XMPP server is fully encrypted and logs are disabled, except error logs, all that the administrator can see is your hashed password, IP address if you don’t use Tor, offline messages and destination address if your contact is not online. A detailed explanation about the logs and configuration settings are posted on the site.
- SystemLi: Jabber server managed by an anti-capitalist tech collective. They do not retain any kind of data and a .onion link is available for those using Tor. To avoid spam accounts registration is only possible with an Internet browser.
- Kode.im: A public USA based Jabber server with a Tor address and multi-user chat support. The server only allows ciphers with forward secrecy enabled. Logs are kept to a minimum and they do not include IP address history of any users. Accounts are removed after six months of inactivity.
- OnionMessenger: Free Android and web based Jabber messenger that uses Tor to communicate with others. it can be used in conjunction with OMEMO and OpenPGP to encrypt the data stored in your device.
Other XMPP Servers:
- list.jabber.at - This is a list of public XMPP servers, free for everyone to use. XMPP is a open, free and decentralized instant messaging network. Due to its decentralized nature, there are thousands of XMPP servers available from which to choose from. You may choose any of the listed servers or a different server altogether, you can always communicate with users on other servers. This list is kindly brought to you by jabber.at, which is run by the Fachschaft Informatik.
- 404.city - Server in France. 404.city is a virtual city of the future. The cipher-punk community in the federation XMPP. Their mission is to promote new technologies, protect privacy and protection of human rights. When you yourself encrypt your messages and using XMPP, They can not know what you and the other user are talking about. Protect freedom of speech using the best e2e encryption algorithms: PGP, OMEMO, OTR.
- xmpp.dk - Server in France. XMPP.dk runs a public, free and secure Jabber / XMPP server that allows account registration. In addition, the server requires OTR to be enabled in your chat client. You can connect to xmpp.dk using your favourite Jabber client. There’s a long list of clients available over at xmpp.org. You can connect to xmpp.dk using your favourite Jabber client. There’s a long list of clients available over at xmpp.org. To create a @xmpp.dk account: Registration is handled in-band by your Jabber/XMPP client. This is the only way to create an account on xmpp.dk. Simply add username@xmpp.dk in your client and click “register” or check the box to “create this account on the server” to sign up.
- protonxmpp.ch - Server in the Netherlands. ProtonXMPP, secure messaging for all. ProtonXMPP.ch is a Jabber/XMPP service that enables real-time communication with your friends and family. Like XMPP, our public messaging server is free and open for everyone. ProtonXMPP runs on an open source, community-driven software, focused on performance and security. Sign up today! ProtonXMPP fills the gap between usability and rock-solid security on XMPP services. It is based on open source software built by a community composed of end-users, developers and service providers around the world. ProtonXMPP features “In Band Registration”, which means that you can register an account directly from your client. ProtonXMPP recommends using Pidgin as your IM client. Download pidgin here. If your client does not support “In Band Registration”, They offer a web-based registration option here.
jabber.at - Server in Austria. All measures to ensure security and anonymity are also stated (see on the website).
- jab.im - Server in Switzerland. Secured, Logless, Support 24/7, Fault tolerant, Сompatible with all global xmpp servers, Monitoring 24/7, No ads, Free charge.
GENERAL RULES:
- They don't store any data, ip addresses, etc..
- Passwords are stored hashed.
- They don't store any archives of messages.
- Sent files are automatically deleted after 60 day.
- Inactive for more than 360 day accounts are automatically deleted.
- Server located in Switzerland is guarantee of safety.
TRANSFER OF DATA:
- They respect privacy of their users and don't transfer any data to anyone.
- They don't cooperate with anyone.
More XMPP Servers:
- https://xmpp.net/directory.php
- https://xmpp.is/
- https://creep.im/
- https://www.ejabberd.im/
- https://tigase.net/xmpp-server/
- https://prosody.im/
- https://github.com/igniterealtime/Openfire
- https://github.com/esl/MongooseIM
- https://snikket.org/
- https://jix.im/en/
- https://www.xmpp.jp/
- https://jabberx.net/
- https://juliedoesprivacy.wordpress.com/2021/04/03/list-of-xmpp-servers/
- https://calyxinstitute.org/projects/digital-services/xmpp
- https://xmpp.gg/
- https://xmpp.fi/
- https://yourdata.forsale/
XMPP Spam Servers to not get in contact with or use:
⚠️ If you use Pi-Hole or NextDNS, You might want to block these spam servers in your denylist as well.
- netlab.cz
- sj.ms
- safetyjabber.com
- jabbim.pl
- jabster.pl
- chatwith.xyz
- crime.io