The 2026 multi-account playbook for Telegram: stack, proxies, and ban-avoidance
The 2026 multi-account playbook for Telegram: stack, proxies, and ban-avoidance
Running multiple Telegram accounts is not inherently complicated, but doing it without getting waved into a ban wall requires more infrastructure discipline than most operators expect. Telegram’s trust signals are layered: phone number reputation, device fingerprint, IP consistency, and behavioral velocity all feed into their automated moderation. Get one wrong and you lose accounts faster than you provision them.
This guide is for operators running community management, airdrop farming, market research, or outreach campaigns across ten or more Telegram accounts. It assumes you already have a reason to be here and you want the operational layer, not a lecture on whether you should do it. I’ll cover the stack I use out of Singapore, common failure modes, and what changes as you scale past 100 accounts.
By the end you’ll have a reproducible provisioning workflow, a proxy strategy that holds up under Telegram’s connection checks, and a short list of practices that have kept account attrition low across campaigns I’ve run through early 2026.
what you need
Accounts and phone numbers - Fresh phone numbers from a virtual number provider. I use SMS-Activate for bulk. Prices vary by country; Indonesian and Kazakh numbers were running around $0.20-0.50 each as of Q1 2026. India numbers are cheap but have higher Telegram block rates. - Alternatively, physical SIM farms if you’re operating at serious scale, but that’s capital-heavy and out of scope here.
Proxy infrastructure - Residential or mobile proxies per account. Datacenter proxies get flagged quickly on Telegram. I run Smartproxy residential for most accounts; mobile proxies from iProxy.online for anything that needs to look like a phone user. - Budget: roughly $3-8/month per IP slot if you’re on rotating residential. Static residential is more expensive but better for account longevity.
Client/browser isolation - An antidetect browser or containerized setup. I use AdsPower for browser-based Telegram Web accounts. For API-based automation, each process gets its own isolated environment. - If you’re doing any volume of automated messaging or scraping, you’ll need the Telethon Python library or a similar MTProto client.
Device fingerprint management - Each account should have a consistent user-agent, screen resolution, timezone, and language setting that matches the proxy’s geolocation. Antidetect review resources like those at antidetectreview.org/blog/ go deeper on browser fingerprint matching if you need it.
Costs to estimate - Phone numbers: $0.20-2.00 each depending on country - Proxies: $3-8/slot/month - Antidetect browser: $30-100/month depending on profile count - SMS service account: varies by usage
step by step
step 1: choose your number strategy
Decide whether you’re doing manual registration or bulk API-based registration. For under 20 accounts, manual works fine. Above that, you want scripted provisioning.
For manual: buy numbers one at a time on SMS-Activate, open Telegram, enter the number, receive the SMS, confirm. Each number gets its own browser profile in AdsPower before you touch Telegram.
For bulk: SMS-Activate has an API. You can script number purchases, receive OTPs, and complete Telegram registration programmatically using Telethon’s TelegramClient.
from telethon.sync import TelegramClient
from telethon.errors import SessionPasswordNeededError
api_id = YOUR_API_ID
api_hash = 'YOUR_API_HASH'
phone = '+628XXXXXXXXXX'
with TelegramClient(phone, api_id, api_hash) as client:
client.send_code_request(phone)
code = input('Enter code: ')
client.sign_in(phone, code)
If it breaks: Telegram returns PHONE_NUMBER_BANNED immediately on numbers with prior spam history. Discard and provision a new number. Some country prefixes have near-zero success rates; track your rejection rate by country and cull bad sources.
step 2: set up proxy assignment before registration
This is where most operators get tripped up. They register the account first, then assign a proxy. Telegram logs the IP used during registration as part of the account’s trust profile. If the first IP is a datacenter in Frankfurt and every subsequent session comes from a residential IP in Jakarta, that inconsistency is a signal.
Assign the proxy in your antidetect profile or in your Telethon client before you ever send that first SMS code request.
In Telethon, pass a proxy at client instantiation:
import socks
from telethon.sync import TelegramClient
client = TelegramClient(
'session_name',
api_id,
api_hash,
proxy=(socks.SOCKS5, '192.168.1.1', 1080, True, 'user', 'pass')
)
If it breaks: Connection timeout usually means the proxy isn’t accepting SOCKS5 on that port. Verify with a curl test: curl --proxy socks5h://user:pass@host:port https://checkip.amazonaws.com
step 3: complete registration and initial warmup
After registration, do not immediately start the account’s primary activity. Telegram’s anti-spam systems weight new accounts heavily. A 48-72 hour warmup period where the account receives messages, joins one or two public channels, and sends a handful of organic-looking messages significantly reduces early ban rate.
What counts as warmup: - Join 1-2 large public channels (100k+ members) - Send a message in a general chat - Update the profile photo and bio
What to avoid in the first 72 hours: - Mass joining private groups - Sending the same message across multiple accounts - Adding contacts in bulk
If it breaks: If you get a PEER_FLOOD error, the account is in a temporary restriction state. Wait 24 hours. If it persists past 48 hours, the number is likely flagged and you should rotate it.
step 4: configure session persistence
Each Telegram session generates a .session file (in Telethon) or equivalent. Treat these as credentials. Back them up to encrypted storage. If a session file is lost and you try to re-auth the same number, Telegram sometimes triggers a secondary security check or flags the re-auth as suspicious.
Naming convention I use: {country_code}_{last4digits}_{creation_date}.session
Store them in a directory structure organized by campaign or purpose, not flat.
If it breaks: If a session file becomes invalid (account was force-logged out), you’ll get AUTH_KEY_UNREGISTERED. This means the account was either banned or had its session invalidated remotely. Check account status by attempting a fresh login; if you get PHONE_NUMBER_BANNED, the account is gone.
step 5: proxy rotation and sticky sessions
Telegram expects sessions to come from a consistent IP or at least a consistent ASN range. Pure rotating proxies, where every request hits a different IP, will trigger security warnings.
Use sticky sessions: most residential proxy providers let you request a session token that keeps the same exit IP for 10-30 minutes. For anything longer-running, use static residential.
For Smartproxy, sticky session format is typically:
user-sp-session-{session_id}:[email protected]:7000
Assign one sticky session or one static IP per account and don’t share IPs across accounts.
If it breaks: If the same proxy IP gets flagged (you’ll see increased CAPTCHAs or connection drops), rotate the sticky session token and allow the account a 12-hour rest.
step 6: message and action rate limits
Telegram documents their MTProto API rate limits in general terms. Practically, the limits I’ve observed: - Sending messages to non-contacts: 30-40 per day before flood wait kicks in - Joining groups: ~20 per day for new accounts, higher for aged accounts - Contact adds: 50 per day hard limit, less in practice for new accounts
Implement a human-shaped delay between actions. Bursting 40 messages in 4 minutes is different from 40 messages across 6 hours.
import time
import random
def send_with_delay(client, recipient, message):
client.send_message(recipient, message)
# human-shaped delay: 45 seconds to 3 minutes
time.sleep(random.uniform(45, 180))
If it breaks: FloodWaitError includes a seconds attribute. Respect it exactly. Ignoring flood waits accelerates account bans.
step 7: monitor account health and set up alerts
At any real scale you need automated health checks. A daily script that attempts a get_me() call on each session and logs failures is the minimum.
from telethon.sync import TelegramClient
from telethon.errors import AuthKeyUnregisteredError
def check_session(session_file, api_id, api_hash):
try:
with TelegramClient(session_file, api_id, api_hash) as client:
me = client.get_me()
return {'status': 'alive', 'username': me.username}
except AuthKeyUnregisteredError:
return {'status': 'banned', 'session': session_file}
Route failures to a Telegram alert bot or a simple log file you check daily. Catching a ban early means you can rotate the account before it affects ongoing campaigns.
If it breaks: If the health check itself triggers additional account restrictions, you’re calling too frequently. Once per 24 hours is enough.
common pitfalls
reusing proxies across accounts. this is the single fastest way to lose multiple accounts in one event. Telegram can and does correlate IPs. One IP flagged for spam means every account behind that IP gets reviewed. One IP, one account.
skipping warmup on aged purchased accounts. buying aged accounts sounds like a shortcut but the sessions come from someone else’s device fingerprint. Re-authenticating on a new device immediately after purchase is a flag. If you’re buying sessions, verify the seller provides working .session files and do a 24-hour soft warmup before running campaigns.
ignoring the Telegram Terms of Service on automation. Telegram explicitly restricts bulk messaging and automated actions in their ToS. Running at scale means you’re in a gray zone, and ToS changes can affect your stack overnight. Check it when you notice behavior changes.
treating all country numbers the same. number quality varies significantly. I’ve tracked new-account ban rates of under 5% on some Eastern European and Southeast Asian prefixes and over 40% on certain Indian VOIP providers. A/B test your number sources and drop anything consistently above 15%.
not separating account types. mixing high-risk automation accounts with community management accounts on the same infrastructure is a mistake. Segment by risk profile. If your automation accounts start getting flagged, you don’t want that activity associated with the accounts you care about long-term.
scaling this
10x (10-50 accounts). manual provisioning still works but becomes tedious. Set up a basic spreadsheet tracking session file, proxy assignment, country, registration date, and health status. AdsPower’s free tier handles ~5 profiles; you’ll need a paid plan at this stage. Budget $50-150/month on infrastructure.
100x (50-500 accounts). manual anything stops working. You need the Telethon scripted provisioning pipeline, a database instead of a spreadsheet, and automated health monitoring. Proxy costs become significant; negotiate volume pricing or move to a proxy provider with a flat-rate unlimited plan for the countries you use. Airdrop farming operators running at this scale often post their infrastructure setups on airdropfarming.org/blog/, which is worth tracking if your use case overlaps with crypto campaigns.
1000x (500+ accounts). at this point you’re running a small platform. You need account provisioning as a service rather than a script, distributed session storage (Redis or similar), and a proxy pool manager that handles rotation, health checks, and auto-replacement. The per-account economics get much better but operational complexity spikes. Dedicated mobile proxies from carriers with clean ASNs become worth the cost. You’ll also want legal review of what you’re doing with these accounts, since at this scale the regulatory surface area widens.
where to go next
- How to choose and test residential proxies for social accounts covers proxy vetting in detail, including how to test exit IP reputation before assigning to an account.
- SMS-Activate vs 5sim: which number service survives Telegram’s 2026 filters compares the two main providers on success rate and cost per verified account.
- The full article index has more platform-specific guides for operators.
Written by Xavier Fok
disclosure: this article may contain affiliate links. if you buy through them we may earn a commission at no extra cost to you. verdicts are independent of payouts. last reviewed by Xavier Fok on 2026-05-22.