Ask HN: Why XMPP failed and SMTP didn't?

104 points by kertoip_1 ↗ HN
I was born too late to witness popularity of XMPP as a decentralized instant messaging protocol. When I started to be a "conscious" user of the Internet, such services already became centralized, so I don't really remember those times. As I follow the development of projects like Matrix, I wonder what has made SMTP such a stable protocol that has stood the test of time and what is the real reason we don't use XMPP (I mean, we do using Whatsapp, but as a part of closed ecosystem).

Is it only that XMPP was overcomplicated and if managed better it would survive? Or is it something else?

171 comments

[ 4.6 ms ] story [ 207 ms ] thread
XMPP is popular in military and public safety applications.
I used to chat on IRC between 2005 to 2014. We tried to switch to Jabber several times but it was simply too much work (we had elaborate mIRC bots, for example) and it simply wasn't as good - bloaty clients (this was in times when we had 512 MB RAM and single or dual core), chat servers were frequently down while IRC always worked (with the occasional netsplit, but oh well)...

Then we tried Slack but most people didn't come there too much. Today we have a Telegram group and it's so much better UX/UI wise...

Telegram is backed by xmpp ;)
Cool, but the coolest thing about Telegram is that IDGAF, it just works
SMTP was already entrenched in business uses and thus will survive for some time. XMPP was used by some chat servers. I used XMPP/Jabber in a company but we could have easily switched to something else such as IRC or NNTP. Moving off SMTP would be a non starter for most businesses.

If there were an alternative to SMTP I believe it would be NNTP given it is similar in concept and just introduces threaded messaging which SMTP clients try to mimic now. There are several potential rabbit hole discussions of why moving away from SMTP are highly unlikely to ever occur.

SMTP came before corporations offered their own email solutions. XMPP came after AIM and others had already staked out their claims on the chat space.
I'd say it was the opposite. In 1990 there were numerous non-SMTP email services such as Lotus Notes, uucp-based email on Unix systems, the email system in VAX/VMS, etc.

SMTP made these all interoperate and ultimately replaced them all.

Like Lotus Notes, Microsoft Exchange comes with its own protocol for internal communication and it is more popular than ever, and there is nothing stopping Microsoft from slipping in some ‘superior’ new proprietary protocol for mail transport between installations, apart from that it’d be a lot of work and not very useful for them.
SMTP got a toehold before the eternal Corporate Age of the Internet practically ended open protocol development, because it was far more useful on intermittent connections, and on terminals one only used a few minutes a day.

Chat didn't get super-useful until everyone had a screen in front of them or on them just about every waking hour. People used it before (I know, I was there, and I did) but it was more of a "see who's on and chat with them" than what it is now.

Chats have always been super-useful for a more technical crowd, IRC is still alive somehow.
XMPP is only kind of decentralized.

As far as any individual user is concerned, loss of the server(Which their identity is tied to) would be a hassle. Just like email.

SMTP got really entrenched really early. It's what gmail uses. They can't really do a proprietary mail protocol, SMTP was around way before them and nobody wanted to switch.

Instant messaging for the masses was proprietary from the start, as far as I can tell.

There was IRC, but it seems like by the time the internet was everywhere, people were already on AOL and ICQ and a bazillion other proprietary ones offering various extras and integrations.

None of them seem that interested in open protocols.

SMTP was a way for email systems to communicate - and so things like CompuServe jumped on the bandwagon early.

Universities and others using mainly UUCP also migrated because of the benefits.

There wasn't really a huge benefit for the big instant messaging players to integrate, and the dirty secret is cross-platform "instant" messaging has always existed - it's SMTP! Many people still use email as a form of a chat tool.

XMPP also suffers from the "oh shit security might be important" that SMTP originally didn't deal with (it's horribly insecure by modern standards) which greatly increased the complexity.

> SMTP originally didn't deal with

More so, absence of security is what allowed SMTP to proliferate.

There are two reasons that I see.

One is that XMPP is an overcomplicated nightmare. The protocol was verbose, flabby, and hard to implement, and the server software was very hard to set up and run especially for novices. A person could not just install a server and start chatting, even if the server was just stand-alone let alone linked to anyone else.

The second and IMHO more fundamental reason is that the Internet is a dark forest. Any open system that becomes sufficiently popular will be destroyed by abuse.

If you offer a chance to make any amount of money whatsoever online millions of hustlers will rush into the void like gas molecules invading a cracked vacuum bell and will scramble all over each other to suck every last fraction of a penny out until nothing of value remains. So far only centralized managed systems have been (somewhat) successful at keeping the barbarians at bay. I'm not saying a decentralized system could never succeed here, but I don't think it's been done yet. (Cryptocurrency isn't an example as it's already been throughly destroyed for its original vision and use case by scammers. It's a great case study in exactly what I mean.)

(Edit: the goal is not always money either. Read money as "value." Political propaganda, cult recruitment, weaponized disinformation, or just trolling for lulz all count as extracting value of some kind at the expense of the commons.)

SMTP along with Usenet was one of the first casualties of this phenomenon, and I would argue that it did fail as an open system. You can run your own SMTP server but it's not for novices or people without time on their hands. You'll have to fight constantly to keep your IP out of blacklists and to keep spam away from your users. Spammers are in an arms race against huge companies with massive training data sets and entire teams dedicated to spam filtering, so this only gets harder over time. An independent SMTP server is easy prey.

99% or more of users use one of several large mail hosts. These are mostly Google, Microsoft, and Apple in the USA. E-mail hosting is cheap to free and the vast majority of people would rather someone else deal with the pain of defending them from spam.

Underrated truth bomb right here.
> Any open system that becomes sufficiently popular will be destroyed by abuse.

This is a harsh truth that I'm always surprised that so many HNers haven't accepted yet.

We are about to see it happen with reasonably open software package repositories. Prepare yourself for a coming deluge of increasingly stealthy and sophisticated software supply chain attacks.

It's not that most people are bad. It's that it doesn't take very many people behaving badly to ruin a common platform on the Internet since one bad actor can use cloud compute and bots and other resource pools to launch huge attacks. Add anonymity to the mix and you've got a recipe for easy high-impact low-risk abuse.

> If you offer a chance to make any amount of money whatsoever online millions of hustlers will rush into the void

It's even worse than that because just a very small group (dozens, or even a single individual) can really screw over an entire system because doing things digitally is so cheap and easy. For example the world has 8 billion people, and sending every single one of them an email message (assuming everyone has an email address, which they don't) is easy, cheap, and can be done relatively quickly. With just 100 spammers on the entire planet your email system would still be screwed.

I was a weird XMPP nerd in high school and tried to switch friends from AIM. So here's my experience.

* Onboarding was difficult. There was no obvious choice of server or client to use.

* Adding friends was difficult. You needed to send a subscription request to a contact, and they needed to send one to you. If anything happened during this process, you couldn't chat.

* Popular XMPP clients, like Pidgin, also supported the other chat services (AIM, ICQ, MSN, Yahoo, etc) so people just continued using those.

* Network effect. You need to convince a mass of people its better, otherwise nobody's using it because no-one uses it.

* No obvious benefit to the user. It's decentralized sure, but there weren't many improvements over AIM that people actually used.

* A lack of good iPhone XMPP clients.

In 2005 Google added XMPP support to Google Talk/GMail Chat and they were federated, but nobody federated back and they closed off its successor (Hangouts).

This is a dumb questions, please excuse the ignorance: Why were/are there not (or are there?) adapters so that you can speak whatever protocol you prefer (smtp, xmpp x.400 etc) but it still gets through to the user on the other end?
There is a long history of this including multi-protocol clients. You see this now for example as people want a single "chat" for the many places they publish live streams (twitch, youtube, discord, etc). Unfortunately, because you must ultimately support the lowest common denominator you end up with much of the nice features of particular platforms being unavailable or things like the youtube chat filled with comments like `@comment-copy-bot: James (Discord): That was a cool video!` and things like direct messages and emotes don't really work.
That's exactly what XMPP was originally created for - a single open protocol that would let you interface with all the others.

But it's very hard, technically, to maintain interfaces to a changing set of evolving third-party protocols, and provide a good user experience. Especially if those people don't want you bridging to them. Open networks tend to fare better in the long term, but generally the user experience of an app bespoke for the target protocol is nearly always better.

> A lack of good iPhone XMPP clients.

As someone whose company used XMPP prior to the iPhone, this is what killed it for us, and I suspect it’s a major contributor to federated XMPP losing any public inertia it had.

iPhone push notifications could only be sent with a signing key tied to the same developer account as used to publish the client application.

That meant it was impossible to send push notifications from your own XMPP server to a generic XMPP client written by someone else.

Fascinating. Is this problem solved for Mastodon?
This restriction that push notifications must only come from the developer’s server is a restriction imposed by Apple and their App Store.
A solution would be E.G. subscribing to a community (an endpoint URL, or what Discord likes to brainwash consumers by calling a 'server') should trigger background actions that allow that community's chosen point of contact to have push notification capabilities, and to maintain that forward until your subscription is expired.
> should trigger background actions

Because of the way iOS works nowadays, you cannot reliably do this for notifications because you can't run apps in the background reliably for this purpose.

> allow that community's chosen point of contact to have push notification capabilities

This is what push notifications are?

Not device background. IE submit requests to the iOS mothership and to the endpoint URL to talk to each other and work things out.
I apologize I'm not sure what you mean by mothership, I'll assume you mean the core API's the OS presents. I mean that's how requests already work? You ask the system to handle the network for you and it passes the app data?

In the context of notifications this isn't an issue for when the app is in the foreground. But when it's in the background the app's event loop isn't ran consistently, so you might not get the notification for hours. To my knowledge the ONLY way to consistently push notifications for apps in the background is through apple's push gateways.

An __off device__ request that is processed server to server.

Mobiles aren't "real computers" in the sense of the Internet. They are not intended to be always on; nor always connected from a stable address. They are portable (very smart) terminals, often with poor text input (but usually with reasonable quality camera and microphones), and often a large local cache.

By this definition, doesn't it describe any laptop just as well?
Depends on how it's used. Laptops are more like portable computers and often the end user expects them to take a moment to startup fully even after a resume.
The original comment was

> iPhone push notifications could only be sent with a signing key tied to the same developer account as used to publish the client application.

> That meant it was impossible to send push notifications from your own XMPP server to a generic XMPP client written by someone else.

and you were replying to

> This restriction that push notifications must only come from the developer’s server is a restriction imposed by Apple and their App Store.

So I'm confused as to what you mean.

> An __off device__ request that is processed server to server.

> ... They are portable (very smart) terminals ...

How does this relate to methods of reliably pushing notifications to an iPhone?

Presumably you can do like Matrix, and have the developer of the app run a push gateway.
Exactly, that's how XMPP does it too. Since authentication to the OS vendor APIs are generally linked to the developer's account, that's basically the only practical way to do it.
FWIW, this eventually got solved in XEP-0357, which, while it says it's deferred, is actually implemented by common mobile clients and modules exist for both common server implementations. This is the same design that Matrix eventually borrowed to solve the same problem.
I dunno how well that solved things as a practical matter. I recently began running a Prosody server to host a group chat (MUC) among myself and some friends. Some of us use Conversations on Android, and one uses Monal on iPhone. I also use Monal's macOS client.

The original setup was confusing. I ended up hacking some modules to debug why notifications didn't seem to be working, but eventually I got everything working. (I also wrote a module to sandbox Prosody using pledge and unveil: https://github.com/wahern/prosody-openbsd)

Then OpenBSD 7.1 was released, which upgraded Prosody from 0.11 to 0.12. It's roughly around that time that the iPhone Monal user stopped seeing notifications for the MUC. But the Monal app also updated around that time, so it's difficult to place blame. As far as I can tell notifications seem to be going out to the push server, but it's still a bear to debug and I haven't had the time to properly analyze things, let alone fix them.

I also installed macOS Monal on my young son's macbook so he could IM me while at work, but for some reason desktop notifications don't work at all for him, not even 1:1 chats, and neither pre- or post-Prosody upgrade. (They work for me on my mac mini, though.) We can still chat, but he has no idea if I replied unless he's monitoring the Monal chat window. It's most likely a client-side Monal or macOS issue, though, because Monal doesn't even appear in the Systems Preferences -> Notifications & Focus application list, and side-channel push notifications shouldn't even be involved.

Years ago I used Adium on macOS and ejabberd server-side and things seemed to work more smoothly, even when chatting with Google Talk users. But now Adium is no longer maintained and has fallen behind in extension support. In some ways the XMPP ecosystem seems to have regressed even for the simple stuff, let alone the more complex mobile and MUC support.

MUCs are sadly the absolute worst part of XMPP we see on a day-to-day basis. I don't think mobile notifications in them are actually solveable - while you're not connected, the MUC has absolutely no idea you exist, so why would it send you a push notification.

I'm very hopeful that MIX eventually solves the problems we have with it.

> In 2005 Google added XMPP support to Google Talk/GMail Chat and they were federated, but nobody federated back and they closed off its successor (Hangouts).

I don't think "lack of federation back" was a big driver in this decision. Everyone who used XMPP was able to chat with gchat folks and despite some weird changes Google made to their integration, it worked reasonably well. You didn't need to do anything special to federate with another XMPP server. It just worked like email does.

I expect either product complexity (like having to support non-gchat addressing which then requires full JIDs instead of short names) or de-prioritizing features that weren't directly driving their growth thesis were probably more relevant. Ie, why spend two engineers to fix integration concerns and deal with federation everywhere, when you can just retask those headcount onto some new feature that will drive growth.

I really mean that no other big chat service federated back. The global network of federated XMPP servers was dwarfed by Google's userbase. Maybe if AIM/MSN/Yahoo added an XMPP bridge they would have kept it.
Wasn’t Facebook Chat a big one?
I seem to recall there was a brief period of time when gchat federated with both XMPP and AIM, and I was using Gajim to chat with users from both of those services without a bridge (or at least, the bridge run by Google/AOL was invisible to me).
I thought it was pretty easy to use using Pidgin.
> A lack of good iPhone XMPP clients

And no server based push, though I'm sure someone invented an xmpp extension to fix that eventually :)

* A lack of good iPhone XMPP clients.

Not only that. I'm putting the downfall of XMPP right about where most people started having a smartphone (2009-12), so it certainly didn't help - also on Android there weren't any great ones, the ones we know today are all younger.

I'm glad that you have learned of the brief golden age of online communication. I had friends on 6 different services and used Trillian, Pidgin, etc to talk to them all. Somehow we have to escape these walled gardens and get back to that borderless world.

At work (operations for a space mission), we use an XMPP-based chat system for tactical communications along with several other systems, but Slack was introduced and more and more communcations are being handled over Slack. I'm advocating for replacing several systems with Jitsi, which is XMPP-based, because it allows us better control and customizability. It's an uphill battle.

How can XMPP have failed when I and many others use it daily? When many things like Snikket and Zoom and WhatsApp are built on it?
They may use the protocol but it's not interoperable - you can't chat with someone on Zoom from WhatsApp; that's what people mean by "it failed".
His other example, Snikket, is self hostable and interoperable with the wider xmpp world. The pattern is largely related to companies wanting to build walled gardens. On that basis, most open source tech has "failed" in the sense of having created greater value in VC backed companies with marketing departments than in communities without them. It isn't really surprising that it works that way, and IMHO it isn't failure.
That's really the key and the end of it - SMTP was big enough that all the companies had to work with it, even the ones that originally wanted to walled garden (Lotus Notes and Microsoft Exchange are two big names, even now Exchange still has X500 stuff in there).

The closest thing to that which chat has is text messaging, and I'm honestly surprised that MORE platforms don't have a text messaging "bridge" of sorts.

WhatsApp switched to the Signal protocol several years ago.
Signal protocol refers to a cryptographic protocol not a messaging protocol. XMPP also has an Signal protocol implementation called OMEMO.
Signal as in the chat platform? Fantastic if so.
Only for two-way chat, plus the default is still not encrypted (using Signal protocol) for WhatsApp.

In short, data-at-rest still can remains unencrypted for majority of the messagings on the WhatsApp’s server for all those who may be interested in them … UNLESS you enabled Signal/Encrypted option for two-way.

Group chat for WhatsApp?, it’s still the proverbial pants’ down.

I think the argument for failure is because barely anyone is using it directly with an XMPP client. But as a back end layer for other platforms, it's a smashing success.

According to the XMPP offical website to add some numbers to what you mentioned:

    ~800 million    WhatsApp
    ~200 million    Zoom
    ~4 million      Grindr
Matrix is also (one of) the more popular decentralized chat platform, which is built on XMPP.

I wouldn't at all be surprised if there's chat services that have you connect your local app with XMPP to, and get a simple UI layer that only connects to specific servers and other provides other config settings.

I've also heard of other uses besides chat, like for server management or video game multiplayer games for example. It's a great protocol that's provides delivery logic, accounts, etc. but keeps the actual messages simple and flexible for whatever you want to do.

I think SMTP "won" from being focused on email management instead of a more general protocol for multiple uses. (not that you can't do wacky things with SMTP, of course)

> Matrix [...] built on XMPP.

Matrix is not built on any existing Internet Standards for messaging and is not compatible with XMPP in a meaningful way.

XMPP is in actually in Cisco VOIP too, and that Cisco VOIP Unified Communications [1] stuff is incredibly popular.

The client side Cisco Jabber app is Cisco's version of it that works with their VOIP.

Believe it is both Client & Server, and that is an interoperable implementation that looks like a reskinned pidgin somewhat in older versions, but has a great deal more functionality now, and looks capable of doing VTC and other things [2]

Considering how popular Cisco VOIP is, I think lots more people have XMPP functionality than they realize

[1] https://www.cisco.com/c/en/us/products/unified-communication...

[2] https://www.cisco.com/c/en/us/products/unified-communication...

>Matrix is also (one of) the more popular decentralized chat platform, which is built on XMPP.

It most definitely is not built on XMPP in any way.

It's built on the experience of the XMPP ecosystem ;-)

But tech wise you're probably right.

Huh, I thought it was. My bad, thank you for the correction!
It's mainly because XMPP is overcomplicated, but also they're for different use cases.

XMPP:

  - is designed for chatting and P2P and VoIP over persistent HTTP connections
  - requires everyone to be online
  - servers have to implement 50 different specs
  - works at the frontend and backend
SMTP:

  - is designed to send one large message in bulk over a regular short-lived TCP session
  - is a store-and-forward messaging system, highly resilient to slow or inconsistent networks and server issues
  - is simple and the ecosystem is layered, so the core server doesn't have to implement a dozen specs
  - is practically backend-only
The difference between "Can you hear me now?", and putting a letter in the mail.
This isn't really accurate: xmpp isn't p2p, it is hub and spoke. All comms (except optionally some VoIP and file transfers) go through the server. XMPP can also do store and forward pretty easily with common server addons.

I'd not really describe it as fragile or bloated either, having used it for twenty years or so with no real problems except the now-solved absence of e2e encryption (OTR, OMEMO).

Still, clients could be better.

What an XMPP server supports:

  - XML
  - XHTML
  - vCard
  - Bookmarks
  - Message Archive
  - P2P
  - VoIP
  - Multi-user Chat
  - File Transfer
  - Data Forms
  - Service Discovery
  - Pub-Sub & Personal Eventing
  - Bidirectional Synchronous HTTP Streams
  - WebSockets
  - Push Notification
  - Protocol Gateways
  - TLS
  - OTR
  - PGP
What an SMTP server supports:

  - SMTP
  - TLS
175 XMPP specifications (https://xmpp.org/extensions/)

24 SMTP specifications (https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol#...)

SMTP was there early and with significant adoption - it's not inherent stability or quality of design. Early success and adoption tends to both entrench and freeze protocols despite their deficiencies. XMPP never got the sort of adoption to make it entrenched and its deficiencies were noted far earlier in its lifecycle. Moxie Marlinspike's piece on some of this is well worth reading:

https://signal.org/blog/the-ecosystem-is-moving/

Daniel Gultsch's response is also worth reading: https://gultsch.de/objection.html
Seven years haven't been particularly kind to that (fairly slight, I think), objection. The specifics change but the principal points Marlinspike raises haven't. Of course, XMPP is more dead than ever, SMTP is still around and taking on the piece by moving the goalposts from protocols to something else hasn't become more effective.
> XMPP is more dead than ever

What are you basing this on? The opposite is the case: https://takebackourtech.org/xmpp-comeback/

That link says XMPP advocates think XMPP isn't dead.
It's declared dead by the people where every single one of your 20 nerd friends in your xmpp contact list has shut down their server, and that happened like 8 years ago in my case. We were on IRC before that and we're still on IRC, that's why IRC is alive.
From that post:

> because someone’s choice to use an XMPP client or server that doesn’t support video or some other arbitrary feature doesn’t only affect them

It was actually even worse than that, because clients also have complete freedom in which audio and video codecs to support. So you would end up with client 1 and 2 both supporting video, but not the right protocol, so it didn't work, and it was hard to figure out why.

XMPP wasn't adopted by large organizations who valued interop and federation. They valued the implementations, but almost invariably used it to build a walled garden.

I'm not entirely certain why this was, but I suspect that valuing extensibility over interoperability (or the perception of it) was part of it. Optional extensions and interop with hosts that used a different set simply gave hosts/operators too much to think about in terms of deploying the service for users.

As a rabbit trail/pet peeve, I think there needs to be _some_ standard in this space. It is silly to me that iMessage/SMS/Google Talk/Facetime/etc. can't all just interop on some open standard. I understand there are marketing forces pushing against it, but we do it for email, why not chat & talk? Totally ridiculous that I have to think "is this friend using Android or iOS?" when I text or call them. Even worse for group texts, plus means that windows/linux users can't easily message through their iphone. I haven't dove into it, but XMPP seems like a good candidate.
A common mistake tech people make is assuming that things that bother them must also bother a large number of other people enough to incur sizeable switching costs to solve it.
Nah, the other people are just wrong.
XMPP is already a RFC Internet Standard.

It's just that getting federation, interoperability and backwards compatibility is much harder than inventing your own new thing + users gain the freedom to move to a different provider (without loosing all your contacts).

>, I wonder what has made SMTP such a stable protocol that has stood the test of time and what is the real reason we don't use XMPP

There are probably multiple reasons and we can't replay history to know which reason contributes the most but one key difference is that email accounts (SMTP) were pushed onto the regular non-techie consumers whereas XMPP was more of a geek tool that users had to pull and opt into.

E.g. New students at a university automatically got a ".edu" email address. Residents got a free email account (ISP) with their cable service. Employees got a corporate email address. In other words, millions effortlessly got the utility of email/SMTP even without installing AOL CDROMS.

To further reinforce email/STMP, if consumers want to order something from Amazon, they needed an email address to create an account instead of an XMPP address.

Other forms of communication like XMPP/IRC don't have that widely disseminated self-reinforcing utility cycle so they stay a niche tool. What critical service in normal life requires an XMPP address? I can't think of any.

cheogram has an SMTP<->XMPP gateway now (along with others.)

Aren't open protocols and interoperability great?

The short answer is network effects. The longer answer:

SMTP is an old protocol; it really predates much of what we'd think of as the Internet (e.g., it predates DNS or even IPv4). This means that during the big initial growth phase of the Internet, SMTP was already an established standard that could be used to transfer email. Indeed, for email routing on the internet, you kind of had to support SMTP anyways, which makes it difficult for any other protocol to gain traction.

That's not to say that there weren't alternative protocols. The biggest of these was X.400, which many in the 90s saw as the eventual replacement of SMTP. But this was hampered by the already existing install base of SMTP. Other failures leading to the failure of X.400 was its reliance on the OSI stack, which lagged behind in implementation compared to the TCP/IP stack, and the rather cumbersome addressing model of X.400 compared to SMTP. The value added in supporting X.400 in addition to SMTP wasn't worth the cost of implementing X.400, and it wasn't really feasible to support only X.400 given the already widespread use of SMTP.

In this model, XMPP actually works closer to X.400 than it does to SMTP. It came about after the protocols it aimed to replace were already in existence--and wide use. (See also IRC, which is still alive and active). So implementing XMPP means you need to justify the value-add of XMPP over existing legacy protocols. If you were implementing your own, new chat service, it might make sense to build it on top of XMPP instead of a custom protocol. But replacing existing chat protocols with XMPP was again a costly move with benefits rarely justifying the move. The further federation goal of XMPP would have been an anti-goal to many of the chat implementations.

XMPP shares another feature in common with X.400: implementation complexity. Where XMPP had numerous implementation options and XML, X.400 has ASN.1. It's probably straightforward to write another solid explanation that phrases SMTP's success entirely in terms of its simplicity
As an old sendmail hacker, it amuses me to see SMTP called simple. I suppose it is though, at it's most basic level. It's the extra layers added over the years (MIME, text encodings, security, ...) and sendmail itself that make it complicated.

Email address routing used to be ugly too, but the consolidation on the <user>@<host> standard really helped there.

I mean, it's in the name :P
SMTP was simple then. It grew organically via grafting of new things. It's not simple now, but nothing would be.
Email has grown without fragmentation, because interoperation is seen as a basic requirement by the users and operators.

Also strictly speakng MIME and other content layer things aren't part of, and didn't need changes to, SMTP. This is of practical importance because it means email server infrastructure doesn't need to know about email content format evolution, only end user email software does.

(comment deleted)
I recall reading that XMPP also wasn't always fully implemented / federated between services.

E.G. wasn't advertising basic client online / busy / etc janky between different siloed implementations?

Online/busy/etc. are part of the core standards and very basic functionality. All software has occasional bugs, but I never encountered widespread issues with statuses such as you seem to be describing.

There was a period of time where if someone signed in using the Google+ chat client, they would appear online but wouldn't receive any messages you sent them from the XMPP side. That was entirely a Google implementation thing (they had stopped maintaining XMPP interoperability at that point).

The big growing pain for XMPP was behavior when you had multiple clients connected simultaneously. Extensions were added to the standard that unified behavior around which clients received messages (today we'd assume all of them but that was more up in the air at the time) and tracking of read status across clients in order to highlight new messages. But during perhaps the heyday of XMPP the extension was not universally supported by even some popular clients, so multi-client functionality could be confusing and inconsistent, e.g. messages delivered to only one client for no clear reason. This is a pretty well solved problem today but, well, no one is using XMPP.
Tooling is always an issue in the beginning, when you pick a new technology like XML or ASN.1. Tooling is not an issue now, but now is too late. Turns out that writing specs -and implementing them- around simple textual protocols is easier than building new binary and textual structured encodings.
> it predates DNS or even IPv4

I don't know about IPv4... IPv4 was RFC 760 (Jan 1980) while SMTP was RFC 821 (Aug 1982). DNS was certainly later, RFC 1034 (Nov 1987).

I can't confirm nor deny any claims about protocol age, but still want to point out that the RFC numbering only indicates the order in which these protocols were standardized (or at least proposed for standardization), not when they were first used.
Sure, and they both had several predecessors. But everything sort of blends together if you don't pick a specific point to define when a protocol 'begins'. Standardization through RFC seems like the best choice for the core internet protocols.
Nope, SMTP is the older one. RFC 821 standardized SMTP, RFC 760 created IPv4, and in fact if you read RFC 801 it required a switchover from the previous Network Control Protocol (NCP) to then-new TCP/IP on the start of 1983. As the grandparent points out:

> RFC numbering only indicates the order in which these protocols were standardized (or at least proposed for standardization), not when they were first used.

Even today, many things are de-facto implemented before standardized so I personally don't think that it's correct to look at the RFC date as the date to consider.

The first SMTP RFC is RFC 788, not RFC 821. RFC 780 and RFC 772 are RFCs for MTP.

IPv4 is defined by RFC 760 and RFC 791, although I don't know if RFC 760 actually implements something that looks like modern IPv4 (one of the challenges with old RFCs is that they were actually requests for comment, and I don't have a good sense of when this practice actually stopped).

I was going by Wikipedia's dates, which give the actual use of IPv4 on ARPANET as January 1983, which I believe postdates the actual use of SMTP on ARPANET.

> I was going by Wikipedia's dates, which give the actual use of IPv4 on ARPANET as January 1983, which I believe postdates the actual use of SMTP on ARPANET.

This is documented on RFC 801 (https://datatracker.ietf.org/doc/html/rfc801), which literally just mandated use of the previous NCP until 1982 and then switch to the incompatible TCP/IP protocol stack in 1983. Imagine doing that with IPv4!

That said, the initial protocols that were too challenging for XMPP to unseat (MSN, AIM, Skype...) have been unseated by newer tech anyway (Whatsapp, iMessage, Telegram), so it clearly wasn't a perpetually insurmountable challenge.
> Other failures leading to the failure of X.400 was

naming. The biggest failure of X.400 was naming. X.400/X.500 style naming was and remains an unqualified disaster. Not that the pre-DNS alternative (UUCP) was great, but that name@domain turns out to be infinitely better than X.400.

If I recall, Exchange Server back in the day was built on an X.400 stack and SMTP was a extra connector yiu could buy. That all got turned around when Exchange 5.5 hit and it was clear that even the US Government, who were a massive motive force behind X400/500, were moving on.
XMPP was difficult for most to understand. Hardly plug/play.

Same issue with Mastodon, in my opinion. People want to grab something from the Store or Play, sign in, and be where everyone else is.

The web killed the internet.

As developers we look too often for technical reasons for a limitation or failure but usually the social reasons are more significant.

Getting a client installed on a computer was socially difficult like convincing some one to install an app on their phone. Having a browser installed on every computer and phone made it trivial to get a client on a computer the only down side is being forced to use http and websockets as the protocol.

DNS and WHOIS used to be protocols in their own right but both are being replaced by http, I wouldn't be surprised if http came for smtp next.

> The web killed the internet.

This is an under-appreciated observation, and adds useful context to a lot of the other answers given here.

> I wouldn't be surprised if http came for smtp next.

I hate to be the one to tell you, but:

https://jmap.io/

IIRC, It was successful for a long time, but then when Google started supporting it, they captured a lot of the market because gmail was so popular, and it had xmpp chat support built into it with gchat.

Eventually, for various reasons, Google decided that an open xmpp based system didn't work for them, and they closed it and extended it. This was effectively the end of xmpp as a distributed tech that many people use today.

Interesting, in a lot of ways SMTP is no longer an open system. It is extremely hard to operate a mail server in such a way that your valid emails get delivered correctly and not marked as spam. So for example in the name of fighting spam, it is extremely difficult to participate in this "open" system.

Regardless of SMTP and XMPP being from different eras, we can make these high level observations: SMTP was something designed for and deployed at the enterprise/institutional level. Whereas XMPP relied on word-of-mouth spread and adoption among individuals.

I tried XMPP early on, and found the software to have a user experience that was utter garbage, so after that I didn't give it a second thought.

At the enterprise level, though, garbage UX is the norm. SMTP is hard to deploy, but you have paid full-time sysadmins whose job it is to figure out the necessary parts of sendmail.cf or whatever else. You tell them "make it so" and they do.

I suspect there was no enterprise level push for XMPP anywhere.

> I suspect there was no enterprise level push for XMPP anywhere.

Gmail and Facebook adopted XMPP. But it seems like it wasn't a good fit for their business model of shutting users in and collecting as much data as possible, so they shut it down eventually.

Before the pandemic hit and management decided to move to MS Teams, we have been using Cisco Jabber which — by the name — obviously seems to use XMPP.
> I suspect there was no enterprise level push for XMPP anywhere.

At the about the time when federated XMPP could have gained momentum at the enterprise level, 2005-2010, SaaS and then cloud began to take off. Enterprises began to shy away from hosting their own services. Even though many were still hosting their own e-mail and web servers, it was already too late for XMPP, especially given all the other factors--IM wasn't yet a killer business app, etc.

Without a large, diverse group of players effectively forcing federation, there was nothing countering the incentives for big players to create walled gardens.

I worked at company, Barracuda Networks, that acquired an enterprise XMPP appliance product around 2005. They also hired the main developer of one of the most popular open source Windows XMPP clients to help them integrate enterprise features (LDAP, etc). After a few years they basically put the project on life support. If there was more enthusiasm, and Barracuda worked harder with other vendors to build a large installed base, improving the overall value-add and "creating" a market, maybe things would have worked out differently. But that's a big ask for a bunch of medium-sized, short-term profit-seeking companies. Eventually startups like Slack ended up doing something like that, but using proprietary, walled-garden, hosted services, a model where they could capture entire markets--i.e. a big enough potential pay-day to make it worthwhile. :(

Another alternative scenario: maybe if anti-trust regulators came down hard on Google when they began to close-off federation. GTalk could have been (and briefly was) an important anchor tenant for a nascent federated IM ecosystem. Not sure it would have been legally viable, though, to restrain Google that way given the state of IM at the time.

XMPP was never that popular... it was IRC that was the (relatively) widely used open protocol.

SMTP was early enough and good enough to get widespread adoption. IRC in its original form was never good enough (esp. re: scaling), so services like AIM were able to step in and were good enough and open enough[1] solution while the open source world stuck with IRC for too long because it 'works for us'. So open standards like IRC never got entrenched the way SMTP did in proprietary solutions and by the late 90's the open source world had become pretty weak on developing new Internet standards that would even get widespread adoption in the open source world.

It's worth noting that there's nothing etched in stone to say that SMTP has won indefinitely. Try setting up a purely open source SMTP server on the Internet these days and see who you can talk to. Google has been making it harder and harder[2] to use non-Google clients with their servers. Slowly but surely, business interests seem to be enveloping SMTP with their own walled gardens... it's just taking longer.

[1] Well, sort of. They actually seemed to want to be proprietary about it. But every time they changed the protocol, the apps that worked with it were able to reverse engineer their changes quickly and AOL didn't fight too hard to prevent them from doing so.

[2] Or at least enough of a chore so that most people won't bother trying.

IRC was a different usage model too. While you could do direct messages in IRC, it was a side feature and not the primary use case for it. XMPP, AIM, and the like are focused far more on direct messaging with chat rooms being a clunky add-on.

Anecdotally I experimented with an XMPP server for awhile and found it far more difficult to start up than an IRC server. It was far more enterprise oriented, assuming you had control over the DNS (only one server per domain of course) and with lots of complexity around LDAP or AD integration. This is as opposed to an IRC server where you downloaded the software, optionally exchanged keys with a peer, and started it up.

Using XML as a message format was also a mistake, but not one so bad that it would sink the entire project. ASN.1 would have been a better choice.

AOL didn't fight too hard?! AOL fought the hardest of any of them! AIM interop was by far the most notoriously difficult challenge for alt client devs back in the day because they explicitly fought alt clients, whereas MSN Messenger, ICQ etc didn't bother.

The trick I remember the most was really quite clever - the server started sending hash challenges to the clients i.e. a random byte range into the client binary. The client had to respond with a hash within a timeout or else the server disconnected them. The trick was, because the challenges were randomly generated you couldn't make a database of them, but also, the copyright license on the client forbade people redistributing it. Eventually it was worked around of course, people set up servers to answer the oracle queries that clients could relay to, but it really disrupted the alt messenger scene for quite a while. And in turn that meant it screwed people who wanted to use Linux because AIM was the number 1 social network in the USA during this period (though it's all forgotten now and was never as big in Europe, where MSN dominated).

Isn't XMPP almost ubiquitous?

I thought it's what everyone used for messaging and push notifications. I know Google extended it beyond compatibility around when Hangouts came out and they started doing browser notifications. Apple stopped providing sources for ejabberd in the last few years, so I assume they moved off that for their iChat/messaging backend, but isn't iChat still an XMPP client?

Aren't most SMS messages routed via XMPP?

> isn't iChat still an XMPP client

That's really cool. I would love to send XMPP messages to my friends who use iPhones without having them register on a public chat service and downloading a client.

Wikipedia tells me that iChat was XMPP-based, but was discontinued in 2012 and replaced with iMessage, which is based on Apple Push Notifications and not XMPP.

Google has also discontinued Hangouts and who knows what you're supposed to use now. Their chat stuff has been so chaotic I really can't keep track. (Allo? Duo? Plus? Google Talk? Wave? Chat?)

SMTP is not such a great success either. It has fading into irrelevance for a long while already. Private comms have been shifting towards facebook/whatsapp/whatever, and corporate which held to email longer is now shifting towards slack/teams. Even with email SMTP is becoming less relevant with the rise of Microsoft-Google duopoly. Come to think of it, SMTPs decline and XMPPs failure coincide pretty well.
Timing and demand. For many, the cost does not outweigh the benefit. Migration is a b**.
SMTP achieved critical mass before the age of modern startups / companies.

All of these federated protocols: XMPP and even Mastodon to an extent, are smaller groups of humble nerds running instances. They aren't massively advertised, large-scale billion dollars of investment companies like Discord or Facebook, trying to build network effects and/or advertising revenue.

-----------

When competing against profitable companies, its not sufficient to merely exist. You're competing against advertising and eyeballs. Facebook is big because its big, because it advertises, because it is constantly pushing for more-and-more users. Same with Twitter, same with Discord.

This leads to little advantages: a $10-million+ UI overhaul every few years. Designers to simplify the interface and onboard faster. Paying Google/Apple absurd amounts of money to access the push-notification APIs on phones. Etc. etc.

Smaller XMPP instances already fail at the push-notification thing. Who will pay for that? And without push-notifications, do you really have a modern chat platform? Other companies can afford the costs.

For the record, access to push notification APIs only needs to be done by the developer of the app the users are using. Small servers never need to communicate with Apple/Google themselves - any necessary notifications are routed through a gateway operated by the app's developer (which is also necessary because only the app developer is given the API keys and permissions to send push notifications to their app).

At the time of writing this, 90% of 363 tested XMPP domains support push notifications.

I'm not disagreeing with your overall point, mind. There is lots to compete with, and due to the lack of a good business case for open networks, most XMPP projects are by open-source volunteers and the majority of public XMPP services are similarly operated by volunteers.

There do exist projects with funding though, and there are multiple companies actively engaged in paid XMPP projects and deployments. But these all tend to happen behind closed doors, they're typically not deployments for the general public, or the XMPP is quietly under the hood of a larger service/product (such as happened in Zoom, WhatsApp, and many online games such as EVE and Fortnite).