this is the ideal self-hosted option and may require significant effort to deploy.
MOBILE CLIENTS should use remove google apps from their android device and run fdroid conversations. for the purposes of security, google play services should be considered a rootkit. 1:1 conversations should be encrypted with omemo. encrypted group chats are also possible, but are not supported by all clients.
1: fdroid conversations
DESKTOP CLIENTS are not that great. dino and gajim are among the best available options, but both have UX issues.
TERMINAL CLIENTS are not too bad. profanity even supports omemo these days.
ALL CLIENTS should choose a server operator that they trust.
SERVERS should verify compliance to ensure correct operation of encrypted clients. sunshinegardens.org operates an ejabberd server which has shown itself to be a very efficient and easy to admin program. prosody is another option which may not scale as well as ejabberd, but has the plus of working mostly out of the box. for additional privacy, operating an xmpp network within tor is an option.
a properly configured xmpp server should be able to facilitate file sharing and, by extension, a variety of collaborative workflows.
4: xmpp compliance
limit retention of messages and uploads
1000: all # MiB
1024: all # MiB
- 1000: admin
"X-Clacks-Overhead": "GNU @glitter"
"X-Clacks-Overhead": "GNU Gio Rivera"
"X-Clacks-Overhead": "GNU Terry Davis"