Message queuing telemetry transport (MQTT) is widely used as a communication primitive in publish-subscribe-based IoT applications. However, the current MQTT standard does not support the privacy of IoT devices and users. Therefore, in this paper, we address the anonymous communications for MQTT-based IoT networks by tailored onion routing. To this end, we first introduce the concept of distributed IoT broker networks, in which a collection of IoT brokers are interconnected with each other. These brokers serve as onion routers. Then, we propose a generic anonymous messaging protocol (A-MQTT) for publish-subscribe-based IoT systems. Unlike typical anonymous communications, there are multiple destination IoT devices, called subscribers, in MQTT contexts. Hence, the privacy notions, such as traceable rate, device anonymity, and path anonymity, are redesigned. To illuminate the fundamental privacy issues, closed-form approximations for these privacy metrics are modeled. In addition, simulation results demonstrate that our A-MQTT significantly improves the security performance and that our proposed models closely approximate the various privacy performance. Furthermore, a proof-of-concept protocol is implemented on a Raspberry Pi 4 in order to show that the proposed A-MQTT can be deployed in an IoT environment.