Home

Can you guys suggest some reliable and secure selfhosted IM service? I’m kinda in a very bad spot right now, so any centralized messaging wouldn’t really work. And yeah, state sponsored mass surveillance is a question of concern. Sorry for odd phrasing, just really at a loss.

I heard of matrix, XMPP (heard good things about snikket.org), SimpleX and even some IRC wizardry over TOR. And I actually tried matrix (synapse server), but found it not reliable enough - sometimes skips a notification, periodic troubles with logging in, weird lack of voice calls on mobile client, and some other irritating, tiny hiccups. I’m open to any suggestion, really, even open to trying matrix once again. Just, please, describe why you think one option is better than the other.

And just FYI, use case is simply texting with friends and family, while avoiding state monitoring. Nothing nefarious

A few good options depending on your needs:

• Matrix (Synapse/Dendrite) — federated, E2EE, good client ecosystem (Element). Synapse is heavier on resources but full-featured. Dendrite is lighter.
• XMPP (Prosody/ejabberd) — lightweight, long track record, good for smaller deployments. Prosody is very easy to set up.
• Rocket.Chat — Slack-like UI, good for teams, but resource-hungry
• Mattermost — another Slack alternative, self-hosted, solid for team use

For personal/small group use, I would lean toward Prosody (XMPP) — super lightweight, runs on basically anything, and Conversations (Android) / Siskin (iOS) are decent clients.

For something more modern with a bigger ecosystem, Matrix with Dendrite is a good middle ground — lighter than Synapse and still compatible with all Matrix clients.

Prosody (XMPP server). Setup takes an hour at most even if you have never worked with Lua. Easy to interact with (it has a built-in shell), easy on system resources, and easy-to-understand config. Support for groups, E2EE, attachments including videos and voice recordings, among others.

Gamers Nexus posted a video recently about Discord alternatives.

Well, I think XMPP or Snikket is worth a try and definitely more reliable than Matrix, but you might also want to look at DeltaChat.

Try Delta chat (chatmail server)

There is probably something wrong with your setup, if Synapse has these problems.

I’ve been running Synapse for years, including voice/videocalls and even video conferences.

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

[Thread #173 for this comm, first seen 16th Mar 2026, 21:00] [FAQ] [Full list] [Contact] [Source code]

or snikket, the docker version of this with some things pre configuration-tated

And just FYI, use case is simply texting with friends and family, while avoiding state monitoring.

Signal. There’s nothing better for security, ease of use, and features. It’s a drop in replacement for texts and imessage and facetime.

Lots. But the difficulty as ever is finding something that the people you want to talk about are also using.

Thanks, will check it out. If it’s not too bothersome, could you specify why XMPP would be a better choice than other options? The protocol itself, I mean. There’s a lot of contradicting info on each of the protocols. Some say XMPP is ancient, choose matrix. Others say matrix is a complicated mess, choose more mature XMPP

That’s definitely possible. But the weirdest thing was the inconsistency of every issue. As an example - voice calls worked on the web client, but didn’t on mobile. Client issue perhaps, tho I tried, like, almost every mainstream mobile client

Let’s just that we all are so fucked, that we’d use anything that works. So that’s not a problem to convince them to switch, we all are ready to switch

Thanks for reply. Unfortunately, we can’t use it, should be exclusively selfhosted service :( I do like Signal, tho, great app

That was a great video actually. I thought that Zuli was kinda cool, shame it’s a paid service. Not that I mind paying, just quite literally can’t. Funnily enough, they hit the same issue with broken voice calls on mobile Element client

XMPP is ancient. So is email, the internet, and the wheel.

That’s rough. Signal is the only app that can actually be trusted to resist state monitoring because it has a successful history of it.

I guess another option to throw into the pool is https://docs.cwtch.im/ then. It’s new though, and not as easy to use.

Be aware that the Signal Foundation still runs servers for the signal service. If a state actor compromises them, e2ee is no longer guaranteed.

For Matrix consider Continuwuity instead of Synapse if you want something easier to maintain. You’ll also want to set up Element Call (i.e. the “new” calling stack) for wider client support.

Notifications can be unreliable but it depends on your push provider (e.g. don’t use the default ntfy.sh instance, use another one or selfhost yours). Do let me know of any other nits though.

For XMPP, notifications is most reliable as it maintains an in-band connection to the server. A/V is a bit more lacking, as mobile clients can only do 1:1 calls, and it misses some smaller features compared to matrix. But it’s very lightweight and should be more than capable for use with family and friends.

As someone who’s tried both, it depends on what you want. Your choice of Matrix server depend on any political and ethical values – some say Synapse is too corporate, being maintained by Element who are for-profit and obtain funding from corps and governments, so some prefer others such as Conduit ( – until maintaining slowed to near abandonment and it was superseded by Conduwuit – until the owner got bullied so hard she quit the project and it was superseded by Continuwuity) or Dendrite. I recommend Continuwuity.

Then there’s clients – the only mature matrix client for mobiles is Element, and there are two apps, Classic and X, who offer different pros and cons, and imo are not good enough on their own, both are in a kind of beta stasis. But it’s the best they have. If you really don’t need calling, then Element X, FluffyChat or Schildichat is your app and Element Web for desktop access (available on Github). However, when exchanging encryption keys to trust another of your devices, or a contact’s device, only Element offers simple QR scanning.

In short, Matrix is very good as a privacy-focused server with partially working, modern looking clients.

Then there is XMPP. Again there are different backends to choose from and I am inclined to recommend Prosody. XMPP just works out of the box for me, calling included, and is relatively stable. However, there are large caveats – several pieces of user data are stored unencrypted on the server, which is fine for you as the owner, but it’s a lot harder for someone else using your service to trust that. And, while XMPP uses OMEMO encryption keys, handshaking with devices is far more manual than Matrix’s Olm/Megolm and involves a multi-step process, and migrating to a new device is a pain because messages are not backwards decrypted, so they must be transferred from the first device. Finally, clients are very rough. The best desktop clients still look like they were built in 2001, and while mobiles have Monocles, Cheogram and Conversations, they all look very similar, as the former are very slight modifications of Conversations.

In short, XMPP may lack some comforts of modern messengers, but it is simpler to set up than Matrix, and offers many of the same features. However, the manual key sharing process might scare off all but the most avid privacy enthusiasts, especially that if you migrate to a new device without sharing message history from a previous verified device, messages are lost.

Choose Matrix for polished software, inviting many contacts, and, with Element X featuring (eventually) Element Call, complete E2EE. Choose ol’ faithful XMPP for an easier initial setup, if video calls are important, or if you don’t like Element the company.

Oh, and if you wish, it’s a bit old now but no doubt useful, I have written installation guides on both, based on Linux containers.

Wait this vs tuwunel? I switched to tuwunel because i thought that was the official successor

Your issues with voice calls are likely because you didn’t set them up, and the web client was using the fallback server.

https://sspaeth.de/2024/11/sfu/

It’s unlikely encryption would be compromised since the keys never leave the device. The user’s device would have to be compromised for that. Decrypting messages on Signal servers without the keys takes too many resources to be feasible en masse, even for a state actor. And the current app has no method to transfer those private/decryption keys.

But Signal is not private. It is only secure. Two totally different things. A bad actor could uniquely identify a user and what users they have communicated with and how often, just not the content of the messages. That metadata is stored on the Signal servers and the company has access. That is the tradeoff for ease of use and keeping malicious accounts to a minimum vs an anonymous IM app.

Op specifically asked about a self-hosted option. I think it was fair to comment that Signal wouldn’t satisfy this requirement.

Right, which is why I didn’t reply to op. I replied to a threaded comment that stated that Signal e2ee could be compromised by a compromised server, which is incorrect. Only privacy could be compromised, not e2ee. The specific threaded comment I replied to didn’t mention that it didn’t satisfy OP, which I also agree with.

It’s claimed to be official. But I went with https://continuwuity.org/ since it seemed to have a more active community. Plus ever since then, the core maintainer of Tuwunel has been making threats against Continuwuity including personal attacks, and seems to be quite unpleasant to deal with in general. There’s also been a thread about it here. So I honestly lost all taste to reconsider.

A compromised server would allow the server to man-in-the-middle all new connections (as in, if Alice and Bob have never talked to each other before, the Server/Eva can MITM the x3dh key exchange and all subsequent communication). That’s why verifying your contact’s signatures out-of-band is so important.

(And if you did verify signatures in this case, then the issue would immediately be apparent, yes.)

Thank you a lot for such detailed explanation! I finally got a definitive answer to XMPP vs Matrix debate. You definitely convinced me to try XMPP, seems indeed more reliable. In another message, you also mentioned you wrote a guide on Prosody, I actually would love to check it out :)

This too would likely require compromising at least one of the devices or at the very least compromising both users’ ISPs or some other fairly detailed and highly targeted attack, but none of that would require compromising Signal’s servers and would make any system’s key exchanges vulnerable, even self hosted systems.

Simply compromising Signal’s servers might allow disrupting key exchanges from succeeding and thus making it impossible for those users to communicate at all, but not MITM really, at least if we assume there aren’t defects in the client apps.

The key exchange is much more complex than something like TLS and designed specifically so that the server can’t interfere. With true e2ee the key never passes through the server. This isn’t like many other apps that say e2ee, but really mean end to server gets one key and server to end gets another and decryption and re-encryption happens at the server to allow users to access older messages on new devices and stuff like that. Signal just connects the users to each other. The apps do the rest.

They could probably do something if they totally took over the entire Signal network infrastructure, but it’s definitely not something they could do undetected. But if a government took over the entire infrastructure, security conscious people would stop using it immediately thus not really worth the monetary and political cost. Otherwise China and others would have already done that to all secure communications. And again, not Signal specific.

Huh - you’re right. I went back to Signal’s X3DH spec because I was sure I was right, but it seems I misremembered how the “prekey bundles” work: Users publish these to the server, allowing (in my original assumption) for the server to just swap them out for a server/attacker-controlled key bundle for each Alice and Bob.

However, when Alice wants to send Bob an initial message and she gets a forged prekey bundle, Bob will simply not be able to derive the same key and communication will fail, because Bob knows what his SPK private key is, while the server only knows the public key.

There is an XEP for Message Archive Management that should allow for message history sync on XMPP.

The Signal foundation also controls the ends, as they control the official clients and can push encryption breaking updates to end user devices; in cooperation with Google/Apple even to selected devices of individual people which makes this nearly impossible to detect.

That you think Gajim looks like it was build in 2001 tells me you haven’t used XMPP in quite a while 😅

If you’re willing to take a punt on a new project then take a look at my post history. I’m working on a fully self contained voice/text/screen share web app that has end to end encrypted DMs built in. The only identifying information it asks for during new account setup is an email address for activation (in an effort to prevent bots) but you can disable that during server setup, have your users sign up with fake email addresses and just manage their accounts manually using the built in tools. It doesn’t store IP addresses at all and all the voice/screen share streams are only stored server side long enough to provide a buffer (about 3 seconds worth).

I worded it badly, but if keys can’t be exchanged because aws is down, e2ee is effectively compromised by disruption. This has happened several times now.

Ooh they upgraded? Yeah my information is based on early 2025 when I tried it aha

My install must have been broken then 😭 and my experience is from around early 2025, and I didn’t keep it around, so my intel is also dated..

Here you are :) it’s a Github link

I’ll add to the pile: https://roguesecurity.dev/blog/xmpp

Prosody gets my vote as well for extensibility over snikket and still being relatively easy. XMPP for the win!

:| i hope i can switch without losing everything??

I believe as of now, the databases do not diverge and hence a binary swap/container image swap is doable. If you already set up SSO logins, then I’m not sure because Continuwuity doesn’t support that yet.

Please re-ask the question with the folks in #continuwuity:continuwuity.org to be extra sure before doing anything. Oh and without saying, do clone and backup the data paths for easy reverts later

You are a legend for this, thank you so much!

Stoatchat lets you use various “servers” a la discord, if you wanna self host it. I maintain a way that works for both kubernetes and docker compose if you’re interested in that.

I’ve always had extremely slow message deliveries when using delta chat , with me being on one chatmail server and the other part being on another one.

Am I doing something wrong? In the setup anywhere?

Currently using nine.testrun.org and have nobody else to test with lol, but just myself :P

Hey, just coming back to see how your setup’s going, and to say I’ve finally managed to get Element Call working for Matrix – I can help you get it running if you like!

Hi, still using Prosody, works great. I’d love to hear how you managed to setup Element Call :) We aren’t using matrix rn, but I still wonder why the calls didn’t work

It was a huge pain and I ended up troubleshooting with Gemini for hours aha! I know, I’ll plant a tree to offset my sins. It was at least useful to rapid search solutions and tell me what component was the most likely issue.

I had coturn set up for legacy Element Classic and, before that, XMPP, but as I wasn’t using those I decided to shut it down and try using Matrix Livekit’s internal TURN server. I’m not sure what actually helped in the end, but Livekit’s latest build caused a bug, so I instead pulled v1.9.12. I also shuffled around my reverse proxy config (from my old attempts) because some endpoints seemed to have changed. I’ll update later with anonymised config :3