Messages server provides robust instant messaging using open standards.
Messages server provides secure person-to-person instant messaging and chat-room services using standard Extensible Messaging and Presence Protocol (XMPP), which is found in instant-messaging servers such as FaceBook Chat, Wildfire, and Jabber.
Messages server also works (“federates”) with other chat servers or any XMPP-compliant service (such as Facebook chat) using the server-to-server (S2S) capabilities of XMPP. This allows users with accounts on Messages servers to exchange text messages or files with users whose accounts are maintained outside their local network infrastructure—as long as those Messages servers are accessible over the Internet.
About integrating Messages service with directory services
As with other services, Messages authentication is based on Open Directory or any other Lightweight Directory Access Protocol (LDAP) server bound to the Messages server.
Messages accesses user accounts through directory services and cannot directly access the LDAP server. You can also bind your server to other LDAP servers, enabling users on other LDAP servers to authenticate with your Messages server.
Server-to-server federation
You can enable a list of domains for server-to-server chat communication, called federation.
Only host names and domains that are listed can communicate with your server. This is called a federation domain list.
The federation domain list entries can be complete host names or domains. (This can be a mix of servers and domains.)
The server software does the rule-matching to see if these domains can interact. Any domain or host not in the approved list cannot communicate with your Messages server.
About secure connections for Messages
Using the Server app, you can secure server-to-server communication with certificates.
OS X Server includes a preinstalled, default, self-signed certificate, or you can select your own certificate. The selected certificate is used for client-to-server communications on ports 5222 and 5223 and for server-to-server communications.
Jabber provides the following ports:
5222, which accepts TLS connections if an SSL certificate is enabled
5223, which accepts legacy SSL connections if an SSL certificate is enabled
SSL encrypts your chat message over the network between client-to-server and server-to-server connections. However, if your Messages server is logging chat messages, your messages are stored in an unencrypted format that can be easily viewed by your server administrator.
Understand Messages screen names
Messages screen names look a lot like email addresses. They consist of a user name and an associated Messages server.
Messages screen names are Jabber IDs and use the general format user-short-name@Messages-domain-name (for example, nancy@Messages.example.com).
The user-short-name component is the short name of a user defined in the Open Directory search path of the Messages server. The Messages-domain-name component identifies the Messages server.
To use Messages, you must have a Jabber ID and you must know the Jabber IDs of everyone you want to chat with. Your Jabber ID is created when your user account is created in Open Directory.
Clients for Messages service
You can use any Jabber client with Messages service. You can use any instant messaging apps with Messages service as long as the application supports the Jabber protocol. Messages supports instant messaging apps on Windows, Linux, and popular mobile devices.
The Messages app for iOS does not support the Jabber protocol.
Configuration file locations
Messages configuration settings are stored in configuration files that correspond to the main jabberd process and to each of its component processes. These files define settings for the Jabber server and XMPP features supported by Jabber.
Component | Location |
|---|---|
jabberd (startup and watchdog script) | /Applications/Server.app/Contents/ServerRoot/etc/jabberd/jabberd.cfg |
router (inter-module message routing) | /Applications/Server.app/Contents/ServerRoot/etc/jabberd/router.xml |
sm (session manager) | /Applications/Server.app/Contents/ServerRoot/etc/jabberd/sm.xml |
C2S (client-to-server communications) | /Applications/Server.app/Contents/ServerRoot/etc/jabberd/c2s.xml |
S2S (server-to-server communications) | /Applications/Server.app/Contents/ServerRoot/etc/jabberd/s2s.xml |
Multi-user chat room configuration | /Applications/Server.app/Contents/ServerRoot/etc/jabberd/Rooms.plist |
Service log locations
The Messages service log is located in /var/log/system.log.
The Messages file proxy log is located in /private/var/jabberd/log/proxy65.log.
The Messages service migration log is located in /Library/Logs/Migration/jabbermigrator.log.