Lextech News

Using iChat Server for Secure Instant Messaging

November 7, 2008

  • Guest Blogger
  • 1

After looking at and trying other IM server based on Jabber/XMPP we decided to use the iChat server built into Mac OS X Leopard server.  It was one of the few that supported native video and audio chats.   The video and audio are just initiated by the server but are not routed through it.  This minimizes server bandwidth usage.   It also supported chat rooms that could be created by any authenticated user.  It is easily managed through Open Directory and has SSL connection capabilities.  It can also be set up to use Active Directory or LDAP.

You can connect to it with the iChat app in Mac OS X or with any IM client that supports Jabber/XMPP like Pidgin.  I have personally used it with about 5 different clients including a web based one on my iPhone.  To protect the confidential nature of chats iChat server supports encryption of multiuser chats and file transfers through Transport Layer Security (TLS).  You can use either commercially issued certificate or a self signed one.

One of the few things that doesn’t seem to work very well is groups and auto population of the buddy lists of users.  You can have the users in Open Directory in groups but this is not used by the iChat server.  It would nice if that worked.  The other problem is the auto population of users buddy lists in an all or nothing command.  You have to run jabber_autobuddy –m after any new user has logged in and that will add that user to everybody’s list and everybody to his buddy list.  But if there are users on that server that don’t need to see everybody then it is useless.  You have to have the new user add everybody they need one person at a time.

Hopefully Apple will continue to develop this product and add features and new functions in the later releases.  It has been a very reliable IM server for us.   The iChat theater (up to 4 way video chat) has been fun to play with too.