Technical

Building a Telegram Proxy Status Bot (Tutorial)

Build a small Python bot that monitors TGFast servers and reports their status. Full code included.

MTProto Proxy Engineers · Censorship Circumvention Researchers

Published April 27, 2026 Updated May 15, 2026 8 min read 286 words

What we are building

A small Telegram bot that you can add to a group chat. When users send /status, it replies with the live ping and uptime of the TGFast fleet. The bot uses Python 3.11+, the python-telegram-bot library, and connects to Telegram via TGFast itself (so it works even from restricted regions).

Prerequisites

Python 3.11+, a Telegram bot token (get one from @BotFather), and a small VPS or local computer. The bot does about 10 KB/s of traffic so it runs comfortably on a Raspberry Pi Zero 2W.

Get a free TGFast proxy

Browse the live country grid on the home page and tap any card to connect Telegram in one second — no signup, no logs.

Open the fleet

Install dependencies

pip install python-telegram-bot pythonping

This installs the bot framework and a pure-Python ping library that does not need root.

Bot code

import asyncio
from telegram.ext import Application, CommandHandler
from pythonping import ping
SERVERS = [
  ("a TGFast proxy", "your TGFast card hostname"),
  ("a higher-throughput TGFast proxy", "your TGFast card hostname"),
  ("a TGFast proxy", "your TGFast card hostname"),
  ("an APAC TGFast proxy", "your TGFast card hostname"),
  ("a TGFast proxy", "your TGFast card hostname")
]
async def status(update, context):
  lines = ["TGFast Status:"]
  for name, host in SERVERS:
    try:
      r = ping(host, count=2, timeout=2)
      lines.append(f"{name}: OK {int(r.rtt_avg_ms)}ms")
    except Exception:
      lines.append(f"{name}: DOWN")
  await update.message.reply_text("\n".join(lines))
app = Application.builder().token("YOUR_TOKEN").build()
app.add_handler(CommandHandler("status", status))
app.run_polling()

Stay updated

Join @FastTGProxyMT for instant alerts when servers move or new proxies launch.

Join Telegram Channel

Running through TGFast

If your server is in a restricted region, configure python-telegram-bot to route through TGFast:

app = Application.builder().token("YOUR_TOKEN").proxy("https://your TGFast card hostname:57691").build()

This makes the bot itself censorship-resistant.

Deploy with systemd

Create a systemd service so the bot restarts automatically. Save as /etc/systemd/system/tgstatus.service:

[Unit]
Description=TGFast Status Bot
After=network.target
[Service]
User=botuser
ExecStart=/usr/bin/python3 /opt/tgstatus/bot.py
Restart=always
[Install]
WantedBy=multi-user.target

Then sudo systemctl enable --now tgstatus.

Extending the bot

Easy additions: per-user favorite server, country auto-detection via IP geolocation, alert notifications when a server goes down. Pull requests welcome on our community GitHub mirror.

Frequently Asked Questions

How is MTProto different from SOCKS5 or Shadowsocks?

MTProto is Telegram's native protocol, so traffic looks indistinguishable from a normal Telegram connection to deep packet inspection. SOCKS5 is a generic proxy with a recognizable handshake; Shadowsocks adds obfuscation but still requires the operator to defend their port and keys against probing. MTProto with Fake-TLS adds a TLS-1.3-mimicking handshake that has proven the hardest of the three to fingerprint.

Why does the secret start with "dd" or "ee"?

The leading byte is a magic prefix that tells the Telegram client which obfuscation mode to negotiate. "dd" enables MTProto 2.0 random padding to defeat traffic analysis; "ee" indicates Fake-TLS mode where the entire session is wrapped in a TLS 1.3 handshake. Both are interoperable with all modern Telegram clients.

Can a network operator detect that I am using an MTProto proxy?

A determined operator can sometimes flag suspicious flows by timing analysis, but the encrypted payload itself is opaque. Fake-TLS makes detection significantly harder because the handshake mimics a real HTTPS site (including SNI, ALPN and certificate exchange). Even when flagged, blocking is per-IP, not per-protocol — which is why TGFast rotates IPs continuously.

Does an MTProto proxy add real cryptography or only obfuscation?

Both. The MTProto 2.0 transport adds AES-256-IGE encryption between client and server with per-session keys derived from the shared secret, and Fake-TLS wraps that channel inside a real TLS 1.3 handshake. Even if the proxy operator were malicious, they could not decrypt the inner Telegram session — that key is negotiated end-to-end with Telegram's data centres.

How does TGFast pick which servers to deploy and where?

We monitor latency and packet loss from probe nodes in 14 cities across the regions hit hardest by Telegram restrictions. New servers are spun up where the median latency to nearby ISPs falls below 80 ms and where the upstream provider has historically resisted ISP take-down requests. Capacity is rebalanced weekly.