Internal Instant Messaging Client / Server Combo? 360
strongmantim writes "I manage an internal help desk (25-30 people) for a medium-large company in the healthcare industry. We're looking for an internal, secure, FOSS (if possible) instant messaging / presence awareness client and server combo. Transmission of Protected Health Information is a sensitive issue, so the server has to be able to log any conversations that occur. It is preferred that the client not support outside protocols such as AIM, MSN, Yahoo, etc.; if it does, I will have to promulgate and enforce yet one more policy that my techs not connect to them. All of the computers that will connect run Windows XP. The system should be scalable up to ~100 people (in case we decide to include our entire office in the roll-out). Hardware and OS for the server are not an issue. Oh, and one more thing: It has to be free. Suggestions?"
IRC? (Score:2, Interesting)
Openfire (Score:2, Interesting)
openfire is a jabber based FOSS server.
we use it with AD integration. I haven't implemented it yet, but they have plugins supporting full message transcript.
Spark is the client from the same company and it is jabber only.
If I remember correctly, openfire alos supports being a proxy for all other (most?) IM protocol's so even if someone gets a copy of AIM or whathave you on you network, there server can still log the transcript.
Easy to set up, free and robust.
Jabber + Miranda IM (Score:4, Interesting)
The short and simple answer, that should fully meet your needs, is to install jabberd2, configure it as needed (should have a logging module/plugin somewhere), and then to use Miranda IM [miranda-im.org] with only the XMPP components as the client. Miranda is very easy to customize; if you don't want a protocol you simply don't include the relevant DLL.
Note: the links on that page are dead, namely the ones to the MSI installer package that I built. If you have a need for it, feel free to drop me an e-mail (the
Re:Not another one (Score:5, Interesting)
Perhaps he also wanted some insights from people who have been in similar situations?
There is a big difference between a website found on google and a testimonial from someone who's done it.
Re:Bonjour may be what you need. (Score:3, Interesting)
Bonjour is great, but what you've suggested doesn't meet his needs at all. One of the stated requirements is that there MUST be centralized logging of all conversations, and what you've proposed is direct client-to-client chats with no centralized server.
Spark + eJabberd (Score:3, Interesting)
Initially we had an internal (old junker box) linux server which was only accessible from the internal network and everyone had Jabber IDs of user@customer.local. We recently switched to user@customer.tld so people could access it from their iPhones and Windows Mobile phones using the Palringo client.
ejabberd on linux has nice LDAP integration with Active Directory on Windows. You could also use the OpenFire server which is made by the same people that make Spark. It has a free version and a commercial version IIRC.
Re:Citadel groupware server has all of the above (Score:1, Interesting)
a groupware that doesn't support ldap? this is a joke :)
Re:Pidgin (Score:3, Interesting)
Unfortunately, while I personally like the XMPP protocol and think it would normally be an excellent solution, I think you have uncovered the biggest flaw. Preventing the clients from talking to the outside world is going to be nearly impossible unless you keep them on a network that doesn't route to the outside world.
For instance, GTalk uses SSL over port 443 so if you want any type of secure web transactions with the outside world then your also going to be allowing secure chatting. Even if you go through and block obvious XMPP hosts that are using non-standard ports (443, 80, etc) it will require ongoing attention as other sites start their own services.
Re:Pidgin (Score:1, Interesting)
Re:Spark IM client/server (Score:3, Interesting)
What is nice about Openfire is that it allows you to centralize the management and security a lot, which gives you a lot of control in information-sensitive situations like this. It has integration with an existing LDAP/AD server if you want to keep your authentication policy centralized on your LDAP server if you have one. Likewise, you can force all users to use SSL for secure messaging if you want.
Likewise, I was working with the open source version over the last couple weeks (I setup a test environment for our company), and based on the menu options it appears that message auditing also is included (I didn't try it), so you can log all your conversations as you would like. I knew they had this feature before in their paid version, but it looks like they made it available in their open source version.
Finally, if you ever grow and need support, you can get it from their list of service providers. And it's free
Good luck!
Openfire Server [igniterealtime.org]
Spark XMPP Client [igniterealtime.org]
WASTE (Score:2, Interesting)
Re:+1 for Jabber (Score:1, Interesting)
OCS (Office Communications Server) works great at our company, and even completely replaced our PBX as well. The new R2 version as some nice new call center auto-routing capabilities you might find useful on the helpdesk..
Re:Jabber is what you need (Score:3, Interesting)
Speaking of jobs, I've been doing this for close to fifteen years, including major work on Navy networks. How long have you been plugging away at it? Your technical skills sound great, but your interpersonal skills seem to indicate a penchant for running away with wild assumptions.
Re:Jabber is what you need (Score:2, Interesting)
I just reread my post. Sorry I cam accross as too harsh. I've been at this for about 15 years myself and I just get sick of people assuming something only takes a short period of time to setup, because you can knock out a proof of concept quickly. I've also run into plenty of situations over the years where the documentation wasn't done, because either the admin didn't do it or management didn't understand the importance and wanted something with a higher priority done. I've also seen proof of concept systems turn into production systems when a manager says it's good enough and not a critical system and not to worry. That's when you really need to worry.
Re:Jabber is what you need (Score:3, Interesting)