MTProto proxy: a cheap bonus to the service
An MTProto proxy works right inside Telegram, without a separate client. As the primary way around blocks it no longer cuts it in 2026, but as a cheap bonus to the service — a backup entry into the messenger and a funnel entry point — it's fine. Below are two working variants. Enter your own data in the builder above.
This material is about engineering your own infrastructure and is educational in nature. Complying with the laws of your own jurisdiction is your responsibility.
Why you'd even want it
Straight up honest about 2026, no marketing: MTProto is not a silver bullet. FakeTLS proxies have learned to be told apart from real TLS by handshake micro-patterns, and as a primary means of getting around blocks MTProto has long been unfit. Build your primary circumvention on VLESS/Reality. But MTProto still has two real roles I keep it around for:
- A backup entry into Telegram. When the messenger gets throttled, MTProto is often still reachable — it's useful to keep as a spare channel specifically in Telegram, it works natively, without a third-party client.
- A funnel entry point. The official proxy can be a sponsored one: your channel is shown pinned at the top for people who use the proxy. This isn't fake-boosting — no one is subscribed by force (Telegram forbids that), the channel is simply shown, and the person subscribes on their own. An honest inflow: connected to a free proxy → saw the channel → came for a VPN.
MTProto is undemanding — the cheapest VPS is enough (1 vCPU, 512 MB–1 GB). Pick a location that traffic from the target region reaches reliably.
Server prep
apt update && apt -y install docker.io ufw curl
ufw allow 22/tcp && ufw allow 443/tcp && ufw --force enable # MTProto is TCP/443, no UDP neededVariant A — with a sponsored channel (the official proxy)
The sponsor tag is supported by Telegram's official proxy. This is the "show the channel" path.
# secret: 16 bytes = 32 hex characters
SECRET=$(head -c 16 /dev/urandom | xxd -ps)
echo "SECRET=$SECRET"
# launch (we'll add TAG in the next step)
docker run -d --name mtproxy --restart unless-stopped \
-p 443:443 -v mtproxy-data:/data \
-e SECRET=$SECRET \
telegrammessenger/proxy:latestNext we make the proxy sponsored via the @MTProxybot bot:
- Open @MTProxybot → the
/newproxycommand. - Enter your server's
SERVER_IP:443, then the secret ($SECRETfrom above). - The bot returns a proxy tag (32 hex characters).
- In the bot, attach your channel to this proxy (
/setpromo→ pick the channel). - Restart the proxy with the tag:
docker rm -f mtproxy
docker run -d --name mtproxy --restart unless-stopped \
-p 443:443 -v mtproxy-data:/data \
-e SECRET=$SECRET -e TAG=YOUR_API_TOKEN \
telegrammessenger/proxy:latestDone — for everyone who connects to the proxy, your channel will be pinned at the top.
Variant B — maximum stealth (mtg v2, FakeTLS)
mtg v2 gives the best camouflage — clean FakeTLS plus mimicry of a real site (more resistant to 2026 DPI). But the sponsor tag was removed in v2 — this variant is for stealth, without channel promotion. You can keep both: A as the main one with the channel, B as a stealth fallback.
# FakeTLS secret for the camouflage domain (SNI), e.g. a large live site
docker run --rm nineseconds/mtg:2 generate-secret www.microsoft.com
# -> ee.... (this secret goes to the client)config.toml:
secret = "ee....YOUR_SECRET"
bind-to = "0.0.0.0:443"
# mimicry of a real site (more resistant to 2026 DPI)
[defense.doppelganger]
urls = ["https://www.microsoft.com/"]Launch:
docker run -d --name mtg --restart unless-stopped \
-v $PWD/config.toml:/config.toml -p 443:3128 \
nineseconds/mtg:2
docker exec mtg /mtg access /config.toml # prints an https://t.me/proxy?... linkFor the FakeTLS domain (SNI) pick a large "live" site with TLS 1.3 that isn't blocked in the region. Don't pick a domain that's itself cut off — camouflaging as something blocked is pointless.
Handing the proxy to clients
A link like https://t.me/proxy?server=SERVER_IP&port=443&secret=ee... — drop it into a channel or a bot, and on a tap Telegram itself offers to connect. It's handy to put a "Free Telegram proxy" button in a bot — that's also a funnel entry point.
Traps and the frame
- Don't make MTProto your primary circumvention. Since spring 2026 FakeTLS proxies are being deliberately suppressed. Keep it as a Telegram fallback and a growth tool, and route traffic through VLESS/Reality.
- What extends its life: mimicry of a real site (mtg doppelganger), IP/domain rotation, non-standard ports.
- A sponsored channel is a display, not a subscription. You don't subscribe anyone by force, the person decides for themselves. It's an honest inflow, and it should be presented exactly that way.
MTProto is a cheap bonus to the main service: a backup entry into the messenger plus a funnel entry point. The primary survivability is held by VLESS/Reality — they have their own separate articles.
Next guide Naive and AmneziaWG: alternative protocols → ↗ Article unclear or something off? Message me and I will help or fix it. @notrealvpn →