<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Alexey Leshchenko</title>
    <description>The latest articles on DEV Community by Alexey Leshchenko (@alexey_leshchenko_fc0ec66).</description>
    <link>https://dev.to/alexey_leshchenko_fc0ec66</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3619356%2F328d66a1-f1c6-4bc8-941d-59ae4d58619c.jpg</url>
      <title>DEV Community: Alexey Leshchenko</title>
      <link>https://dev.to/alexey_leshchenko_fc0ec66</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/alexey_leshchenko_fc0ec66"/>
    <language>en</language>
    <item>
      <title>5 Levels of Telegram Spam Your Anti-Spam Bot Isn't Catching</title>
      <dc:creator>Alexey Leshchenko</dc:creator>
      <pubDate>Sun, 31 May 2026 22:50:07 +0000</pubDate>
      <link>https://dev.to/alexey_leshchenko_fc0ec66/5-levels-of-telegram-spam-your-anti-spam-bot-isnt-catching-3311</link>
      <guid>https://dev.to/alexey_leshchenko_fc0ec66/5-levels-of-telegram-spam-your-anti-spam-bot-isnt-catching-3311</guid>
      <description>&lt;p&gt;Telegram spam has evolved far beyond the "Hi, I'm a hot girl, check my channel" messages most group admins are used to. In 2025-2026, spam operations have become sophisticated enough to bypass the vast majority of popular anti-spam bots.&lt;/p&gt;

&lt;p&gt;Over the past year of running @ai_spam_blocker_bot — an AI-powered anti-spam bot that moderates 100+ Telegram groups — we've observed five distinct levels of spam sophistication.&lt;/p&gt;

&lt;p&gt;Here's what they are and how to think about each one.&lt;/p&gt;




&lt;h2&gt;
  
  
  Level 1: Naked Spam (The Easy Catch)
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;How most bots handle it:&lt;/strong&gt; Trivially — this is what they were designed for.&lt;/p&gt;

&lt;p&gt;This is the spam everyone knows: unsolicited links to crypto exchanges, explicit channels, and "earn $10,000 a day" offers. It's obvious, repetitive, and easy to filter with keyword lists, regex, or simple ML classifiers.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Example:&lt;/strong&gt;&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;"Hey guys check out this new crypto signal &lt;a href="https://t.me/" rel="noopener noreferrer"&gt;https://t.me/&lt;/a&gt;... It already made me 3 BTC!!!"&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;Most built-in Telegram filters and entry-level bots handle this well. Nothing new here.&lt;/p&gt;




&lt;h2&gt;
  
  
  Level 2: Text Masquerading (The First Blind Spot)
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;How most bots handle it:&lt;/strong&gt; Inconsistently — regex catches some variants but misses others.&lt;/p&gt;

&lt;p&gt;Spammers learned that keyword-based filters can be fooled by modifying the text:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Transliteration:&lt;/strong&gt; "r3g1st3r" (Latin letters replaced with lookalike numbers)&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Homoglyphs:&lt;/strong&gt; "g00gle.c0m" (number 0 for letter O)&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Character substitution:&lt;/strong&gt; "fr33 m0n3y" (e→3, o→0 numeric substitutions)&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Space injection:&lt;/strong&gt; "j o i n  m y  c h a n n e l"&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Zero-width characters:&lt;/strong&gt; Invisible characters inserted between letters&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Neural moderation catches these because it works on semantic embeddings, not character-level patterns. A transformer model understands semantic meaning — it sees that "r3g1st3r" has the same intent as "register" regardless of character substitutions.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The catch:&lt;/strong&gt; Most anti-spam bots still rely on regex and keyword lists. They miss the majority of Level 2 attacks.&lt;/p&gt;




&lt;h2&gt;
  
  
  Level 3: Social Engineering Bots (The Human Mimic)
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;How most bots handle it:&lt;/strong&gt; Poorly — they rely on keyword matching that doesn't apply here.&lt;/p&gt;

&lt;p&gt;This is where spammers start using automated accounts that behave like real users. The bot joins a group, waits 2-24 hours, then posts plausible-looking messages.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Common patterns:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;"Cool channel, thanks for the invite! By the way, does anyone know a good crypto exchange?" (innocent question → gradually introducing spam)&lt;/li&gt;
&lt;li&gt;"@user you might be interested in this https://..." (replying to real conversations)&lt;/li&gt;
&lt;li&gt;Asking genuinely relevant questions to a real user, then switching to spam in DMs&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Why most bots fail here:&lt;/strong&gt; Rule-based systems look for spam keywords or posting frequency. A bot that posts 3 innocent messages before the spam link looks completely normal to a keyword filter. The spam link itself might use Level 2 obfuscation too.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Real case:&lt;/strong&gt; A spam bot joined a 500-member tech group, posted a seemingly innocent comment about Python frameworks, and interested members DM'd the bot for details — the "lucrative freelance offer" led to a crypto drainer. The anti-spam bot at the time only checked public messages — it didn't flag the comment because it contained no spam keywords. The DMs themselves were invisible to it, but the attack started with a public message that should have been caught.&lt;/p&gt;

&lt;p&gt;The key insight: the old bot checked public messages — but only with keyword filters. An AI-based bot that analyzes message &lt;em&gt;content and intent&lt;/em&gt; would have flagged that same comment as suspicious, even without spam keywords. The difference isn't &lt;em&gt;where&lt;/em&gt; the bot looks — it's &lt;em&gt;how&lt;/em&gt; it evaluates what it sees. No group-level bot can block DMs, but deleting the initial public comment breaks the attack before anyone ever reaches out.&lt;/p&gt;




&lt;h2&gt;
  
  
  Level 4: Neurocommenting (LLM-Powered Spam)
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;How most bots handle it:&lt;/strong&gt; This requires semantic understanding — most bots don't have it.&lt;/p&gt;

&lt;p&gt;This is the current frontier. Spammers use LLMs (GPT, Claude, open-source models) to generate context-aware, grammatically perfect comments that pass as legitimate users.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;How it works:&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;The spam operator sets up a pipeline:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Scrape the target group's recent messages (topic, language, tone)&lt;/li&gt;
&lt;li&gt;Feed them to an LLM with a prompt like: "Write a natural-looking comment for a Telegram group about [topic]. Mention [product/service] naturally in the second sentence."&lt;/li&gt;
&lt;li&gt;Post the generated comment via a real-looking account&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;What makes it hard to detect:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;The text is unique (no duplicates to match against)&lt;/li&gt;
&lt;li&gt;Grammar and style match the group's conversation&lt;/li&gt;
&lt;li&gt;No obvious spam keywords — the link is embedded naturally&lt;/li&gt;
&lt;li&gt;The same message is never reused&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Tools fueling this trend:&lt;/strong&gt; Platforms like &lt;a href="https://personym-ai.com/" rel="noopener noreferrer"&gt;PersonymAI&lt;/a&gt; and &lt;a href="https://gramgpt.io/en/" rel="noopener noreferrer"&gt;GramGPT&lt;/a&gt; offer turnkey neurocommenting services. &lt;a href="https://mangoproxy.com/blog/telegram-neurocommenting/" rel="noopener noreferrer"&gt;MangoProxy's guide on Telegram neurocommenting&lt;/a&gt; shows just how accessible this has become.&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;A 2024 study by Kireev et al. (arXiv: 2406.08084, later accepted at USENIX Security '25) showed that LLM-generated spam achieves engagement rates comparable to legitimate promotional content while evading NLP-based classifiers.&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;&lt;strong&gt;How to counter this:&lt;/strong&gt; The key insight is that LLM-generated text, while semantically coherent, has subtle statistical signatures. Effective detection looks at behavioral signals alongside content — account age, first message patterns, response consistency, and cross-reference with known spam profiles.&lt;/p&gt;




&lt;h2&gt;
  
  
  Level 5: Multi-Stage Attacks ("Spam Theater")
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;How most bots handle it:&lt;/strong&gt; Not at all — no single message looks suspicious.&lt;/p&gt;

&lt;p&gt;This is the most sophisticated spam we've seen — a coordinated multi-stage attack that can run for hours or days before the actual spam payload is delivered.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Real case study — Crypto Escrow Spam Theater:&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Over several hours in a large Telegram group, the following unfolded:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Act 1 — The Setup:&lt;/strong&gt; Three accounts (different IPs, different registration dates) join the group at different times. One posts a seemingly innocent question: "Is anyone here familiar with crypto escrow services?"&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Act 2 — The Endorsement:&lt;/strong&gt; 15-20 minutes later, a second account replies with a detailed, technically-sound explanation of crypto escrow, naturally mentioning a specific service name.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Act 3 — Social Proof:&lt;/strong&gt; A third account replies: "I've used {service} before. Legit. They helped me recover funds from a scam exchange." This looks like genuine peer endorsement — because that's exactly what it's designed to look like.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Act 4 — The Conversion:&lt;/strong&gt; Over the next hour, 5-7 more accounts "try" the service in the chat, reporting positive results. New members who join the group are DMed by these accounts asking if they need help with crypto escrow.&lt;/p&gt;&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;The entire operation ran for 8 hours, involved 15+ coordinated accounts, and looked completely organic to any observer. Traditional anti-spam tools detected exactly zero of these messages because each individual message was benign.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Why traditional detection fails:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;No single message contains spam content or links&lt;/li&gt;
&lt;li&gt;Accounts have realistic profiles (Bio, profile photo, past messages in other groups)&lt;/li&gt;
&lt;li&gt;Reply threading makes the conversation look organic&lt;/li&gt;
&lt;li&gt;The spam payload (DM with scam link) happens outside the group — the anti-spam bot only checks public messages, so the DM itself is invisible to any group-level moderation&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;How to counter Level 5:&lt;/strong&gt; Cross-message correlation — identifying that multiple accounts are operating in a coordinated pattern. This requires temporal analysis (messages that follow a suspicious sequence), account graph analysis (do these accounts appear together in other groups?), and behavioral profiling (accounts that suddenly change their posting pattern).&lt;/p&gt;




&lt;h2&gt;
  
  
  Why Most Anti-Spam Bots Stop at Level 2
&lt;/h2&gt;

&lt;p&gt;The vast majority of Telegram anti-spam solutions — regardless of brand — rely on one of three methods: keyword blacklists, regex pattern matching, or captcha gates.&lt;/p&gt;

&lt;p&gt;All three are effective against the first two levels but share a fundamental limitation: they operate on surface features of a single message, not on meaning, behavior, or patterns across accounts. A perfectly spelled, context-aware comment that doesn't contain a blacklisted keyword will pass every one of these checks.&lt;/p&gt;

&lt;p&gt;AI-based analysis — using transformer models that understand semantic meaning rather than exact text — is currently the only approach that can address Levels 3-5. The tradeoff is computational cost and the complexity of false positive tuning.&lt;/p&gt;

&lt;p&gt;The fundamental problem: most mainstream anti-spam bots still rely on architectures from 2022-2023, when Levels 3-5 were rare. In 2025-2026, neurocommenting is offered as a commercial service, and multi-stage attacks are increasingly common for any group with a significant audience.&lt;/p&gt;




&lt;h2&gt;
  
  
  What Actually Works Against Modern Telegram Spam
&lt;/h2&gt;

&lt;p&gt;After 12+ months of running AI-powered moderation, here's what we've found effective:&lt;/p&gt;

&lt;h3&gt;
  
  
  1. Neural Content Analysis
&lt;/h3&gt;

&lt;p&gt;A transformer-based model (trained on a curated dataset covering all five spam levels) that:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Works on semantic meaning, not keywords&lt;/li&gt;
&lt;li&gt;Detects paraphrased spam variants&lt;/li&gt;
&lt;li&gt;Handles transliteration and homoglyphs natively&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  2. Behavioral Profiling
&lt;/h3&gt;

&lt;p&gt;For every account that joins a group, the system builds a profile:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Account age (Telegram's &lt;code&gt;registration_date&lt;/code&gt; — available via MTProto API for bots that have it enabled)&lt;/li&gt;
&lt;li&gt;Response patterns (reply speed, thread joining behavior)&lt;/li&gt;
&lt;li&gt;Anonymized cross-group signals (does this account appear in known spam groups? — no raw message data is shared between group owners)&lt;/li&gt;
&lt;li&gt;Anomaly detection (sudden topic changes, unnatural language switching)&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  3. Probation-Based Moderation
&lt;/h3&gt;

&lt;p&gt;One of the most effective patterns we've implemented: new accounts get a &lt;strong&gt;probation period&lt;/strong&gt; where their messages auto-delete if they match certain risk criteria. This alone catches the majority of Level 3-4 attacks because spam accounts almost never wait out a probation period.&lt;/p&gt;

&lt;h3&gt;
  
  
  4. Cross-User Correlation
&lt;/h3&gt;

&lt;p&gt;When multiple accounts with correlated join times, similar device fingerprints, and complementary posting patterns appear in the same group, the system flags the entire cluster for review. This is the only effective defense against Level 5 "spam theater" attacks.&lt;/p&gt;

&lt;h3&gt;
  
  
  5. Edit Re-Check
&lt;/h3&gt;

&lt;p&gt;A common evasion technique: post a benign message, wait for it to pass moderation, then edit it to contain the spam link. The bot re-checks edited messages against the same neural model — a feature most bots don't implement.&lt;/p&gt;




&lt;h2&gt;
  
  
  The Bottom Line
&lt;/h2&gt;

&lt;p&gt;Telegram spam is rapidly becoming an AI-vs-AI problem. The days when a keyword blacklist and a captcha were sufficient defense are over. Group admins with a significant audience should assume they're being targeted by Levels 3-5 attacks right now — they just don't know it because the messages bypass their current protection.&lt;/p&gt;

&lt;p&gt;For a deeper look at real spam case studies (with screenshots), follow &lt;a href="https://t.me/ai_antispam_en" rel="noopener noreferrer"&gt;@ai_antispam_en&lt;/a&gt; — we post technical breakdowns of every new attack pattern we detect.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;This article is based on 12+ months of operating @ai_spam_blocker_bot — an AI anti-spam bot for Telegram groups and channels.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>telegram</category>
      <category>spam</category>
      <category>cybersecurity</category>
      <category>ai</category>
    </item>
    <item>
      <title>Free 17,500 LLM Requests a Day</title>
      <dc:creator>Alexey Leshchenko</dc:creator>
      <pubDate>Wed, 04 Feb 2026 12:33:18 +0000</pubDate>
      <link>https://dev.to/alexey_leshchenko_fc0ec66/free-17500-llm-requests-a-day-2an5</link>
      <guid>https://dev.to/alexey_leshchenko_fc0ec66/free-17500-llm-requests-a-day-2an5</guid>
      <description>&lt;h2&gt;
  
  
  The Problem: Rate Limits Kill Projects
&lt;/h2&gt;

&lt;p&gt;We’ve all been there. You’re building a bot or research tool, and just when it gets interesting, you hit a rate limit or your credits run out. Everything goes dark, and it's incredibly frustrating.&lt;/p&gt;

&lt;p&gt;The fix isn't finding one "perfect" free API. It’s about building a system that treats every provider as a disposable spare part. I built a Go-based gateway that handles 17,500+ requests a day for $0. Here’s how.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Backstory: Tired of Broken Bots
&lt;/h2&gt;

&lt;p&gt;I didn't actually want to write a Go service; I did it because I was sick of my antispam bot crashing.&lt;/p&gt;

&lt;p&gt;I started with Python and n8n, which worked for about five minutes. As traffic grew, the setup crumbled. Free models on OpenRouter changed weekly, and my bot would quit whenever an API vanished. I tried Cloudflare’s AI Gateway, but it disconnected under heavy load. To get 100% uptime on a budget, I had to build a tool I could actually control.&lt;/p&gt;

&lt;p&gt;The real hurdle was my hardware: a $3/month VDS with 700MB of RAM. Tools like LiteLLM used half my memory just idling. I needed a lightweight binary that could handle thousands of requests without a sweat.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Plan: Building a "Meta-Tier"
&lt;/h2&gt;

&lt;p&gt;Instead of relying on one provider, I grouped several free APIs into a "Meta-Tier." If one provider throttles or goes offline, the gateway instantly moves to the next one.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fz5i2tfzfbwvlrwlm2dmi.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fz5i2tfzfbwvlrwlm2dmi.png" alt="Aggregation of Free Tiers" width="800" height="358"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;The Capacity Breakdown:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Groq (Free)&lt;/strong&gt;: ~15,000 Req/Day (Llama 3.3 70B) — Industry-leading inference speed.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Gemini (AI Studio)&lt;/strong&gt;: 1,500 Req/Day (Gemini 1.5 Flash) — Massive context window.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;OpenRouter&lt;/strong&gt;: 1,000 Req/Day (GPT-OSS / Qwen) — Access to niche/experimental models.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Mistral (Exp)&lt;/strong&gt;: Variable Capacity (Mistral Small) — Excellent for complex logic fallback.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Total: &lt;strong&gt;17,500+ Requests for $0.00/month&lt;/strong&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  How the Gateway Works
&lt;/h2&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjdp1j5koln9gacyqx4p5.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjdp1j5koln9gacyqx4p5.png" alt="How the Gateway Works - Request Flow" width="794" height="518"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;This is a specialized load balancer designed for LLM-specific failures. Since we want to keep things lean, we avoid complex visual libraries and stick to a robust request flow:&lt;/p&gt;

&lt;h3&gt;
  
  
  The Request Flow:
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Client (Bot/App)&lt;/strong&gt; → Sends HTTPS request to Nginx.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Nginx&lt;/strong&gt; → Proxies via Unix Socket to the Go Gateway.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Go Gateway&lt;/strong&gt; → Performs internal Auth &amp;amp; Token check.

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Sequential Rotator&lt;/strong&gt; → Picks the first available provider (e.g., Groq).&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Failover Logic&lt;/strong&gt; → If Provider A returns a 429 (Rate Limit), the Gateway instantly retries with Provider B (Gemini) or Provider C (OpenRouter).&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Logging&lt;/strong&gt; → Every success and failure is saved as structured JSON for monitoring.&lt;/li&gt;
&lt;/ul&gt;


&lt;/li&gt;

&lt;/ul&gt;

&lt;h2&gt;
  
  
  Why Go?
&lt;/h2&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjvdr0v3juiky5tfkl20h.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjvdr0v3juiky5tfkl20h.png" alt="Go is lightweight" width="542" height="506"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;The 700MB RAM limit dictated the architecture. Python is too bloated for this hardware. This Go gateway is a small binary that sips ~15MB of RAM, leaving the rest of the server for your actual apps.&lt;/p&gt;

&lt;h2&gt;
  
  
  Catching the Errors
&lt;/h2&gt;

&lt;p&gt;The "brain" is a Sequential Rotator that is "429-aware." When a provider returns a rate-limit error, the gateway catches it and retries with the next provider in milliseconds. Your application never sees the failure.&lt;/p&gt;

&lt;h2&gt;
  
  
  🚀 Get it Running
&lt;/h2&gt;

&lt;p&gt;First off, clone &lt;a href="https://github.com/leshchenko1979/ai-gateway" rel="noopener noreferrer"&gt;https://github.com/leshchenko1979/ai-gateway&lt;/a&gt;.&lt;/p&gt;

&lt;h3&gt;
  
  
  1. Setup
&lt;/h3&gt;

&lt;p&gt;Copy the example config and add your API keys.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;cp config.yaml.example config.yaml
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h3&gt;
  
  
  2. Install
&lt;/h3&gt;

&lt;p&gt;Skip Docker to save resources. Use the script to build and install the systemd service.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;./install.sh build
./install.sh install-service
sudo systemctl start ai-gateway
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h3&gt;
  
  
  3. Remote Deploy
&lt;/h3&gt;

&lt;p&gt;Deploy from your local machine straight to your server.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;cp .env.example .env
SSH_HOST=your-server.com ./install.sh deploy
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h2&gt;
  
  
  Monitoring
&lt;/h2&gt;

&lt;p&gt;The gateway logs everything in JSON. Run&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;journalctl -u ai-gateway -f 
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;to watch it swap providers in real-time as rate limits are reached.&lt;/p&gt;

&lt;h2&gt;
  
  
  Try it Out
&lt;/h2&gt;

&lt;p&gt;Once running, the stack works like a single OpenAI-compatible endpoint:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;curl http://localhost:8080/v1/chat/completions \
  -H "Authorization: Bearer YOUR_INTERNAL_TOKEN" \
  -d '{"model": "gpt-oss-120b", "messages": [{"role": "user", "content": "Hello!"}]}'
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;By owning this layer, you've built a private "meta-tier" that’s more reliable than any single API on its own.&lt;/p&gt;

&lt;p&gt;See the repo: &lt;a href="https://github.com/leshchenko1979/ai-gateway" rel="noopener noreferrer"&gt;https://github.com/leshchenko1979/ai-gateway&lt;/a&gt;&lt;/p&gt;

</description>
      <category>ai</category>
      <category>api</category>
      <category>go</category>
      <category>llm</category>
    </item>
    <item>
      <title>How I Built an MCP Server to Give AI Assistants Real Telegram Powers</title>
      <dc:creator>Alexey Leshchenko</dc:creator>
      <pubDate>Wed, 19 Nov 2025 17:15:17 +0000</pubDate>
      <link>https://dev.to/alexey_leshchenko_fc0ec66/how-i-built-an-mcp-server-to-give-ai-assistants-real-telegram-powers-28d</link>
      <guid>https://dev.to/alexey_leshchenko_fc0ec66/how-i-built-an-mcp-server-to-give-ai-assistants-real-telegram-powers-28d</guid>
      <description>&lt;p&gt;I've been working on AI integrations for a while, and one thing always bugged me: why can't AI assistants just... use Telegram like humans do? Search conversations, send messages, manage contacts - without all the complexity.&lt;/p&gt;

&lt;p&gt;Building &lt;strong&gt;fast-mcp-telegram&lt;/strong&gt; was my answer. It's a complete MCP server that lets AI assistants interact with Telegram naturally.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Problem I Needed to Solve
&lt;/h2&gt;

&lt;p&gt;Working with AI assistants, I kept running into limitations. They could analyze data, but actually using Telegram was clunky. Direct API calls required complex session management, bot frameworks were for user-facing chatbots, and search tools couldn't send messages or manage contacts.&lt;/p&gt;

&lt;p&gt;I needed something that gave AI assistants full Telegram capabilities in a natural way.&lt;/p&gt;

&lt;h2&gt;
  
  
  What Makes This Different
&lt;/h2&gt;

&lt;p&gt;After trying various approaches, I built something specifically for AI assistants:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;MCP Tools&lt;/strong&gt;: Direct Telegram access through the &lt;code&gt;invoke_mtproto&lt;/code&gt; tool and standard messaging/search functions&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;HTTP Bridge&lt;/strong&gt;: For no-code tools like n8n and Make.com that can't use MCP directly&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Web Setup&lt;/strong&gt;: Handles authentication and generates config files automatically&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Production Support&lt;/strong&gt;: Bearer tokens, session isolation, and proper error handling&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Smart Search&lt;/strong&gt;: Multi-query support with deduplication and filtering for AI assistants&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Full Messaging&lt;/strong&gt;: Send, edit, reply, share files, even message phone numbers not in contacts&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;File Handling&lt;/strong&gt;: Works with URLs or local files, handles security and albums&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Where This Fits In
&lt;/h2&gt;

&lt;p&gt;Other Telegram projects solve specific problems:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Search tools are great for finding messages, but can't send replies or manage contacts&lt;/li&gt;
&lt;li&gt;Bot frameworks work for user-facing chatbots, but not for AI assistants needing programmatic access&lt;/li&gt;
&lt;li&gt;Other MCP servers connect specific tools; this brings the entire Telegram ecosystem to AI assistants via direct MTProto API access&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Getting Started
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Try the live demo&lt;/strong&gt;: &lt;a href="https://tg-mcp.redevest.ru/setup" rel="noopener noreferrer"&gt;https://tg-mcp.redevest.ru/setup&lt;/a&gt; - log in and download a config file, no installation needed.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;For developers&lt;/strong&gt;:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;pip &lt;span class="nb"&gt;install &lt;/span&gt;fast-mcp-telegram
fast-mcp-telegram-setup &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;--api-id&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s2"&gt;"your_api_id"&lt;/span&gt; &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;--api-hash&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s2"&gt;"your_api_hash"&lt;/span&gt; &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;--phone-number&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s2"&gt;"+123456789"&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Full docs: &lt;a href="https://github.com/leshchenko1979/fast-mcp-telegram/#readme" rel="noopener noreferrer"&gt;https://github.com/leshchenko1979/fast-mcp-telegram/#readme&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  What I Use It For
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Daily news summaries&lt;/strong&gt;: n8n automation searches my subscribed channels for the last 24 hours and sends AI-summarized digests&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Smart spam detection&lt;/strong&gt;: Uses HTTP-MTProto Bridge to get full user profiles (beyond regular Bot API) for better spam scoring&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Content creation&lt;/strong&gt;: AI assistants analyze my previous posts' formatting to maintain consistent style&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Customer service&lt;/strong&gt;: AI can respond to Telegram inquiries instead of just reading them&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Research workflows&lt;/strong&gt;: Search across channels and summarize findings&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Wrapping Up
&lt;/h2&gt;

&lt;p&gt;This started as a solution to my own AI-Telegram integration frustrations. The MCP protocol makes it natural for AI assistants to use, and the full feature set enables real applications beyond just demos.&lt;/p&gt;

&lt;p&gt;If this sounds useful, try the demo - setup takes 2 minutes.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Demo&lt;/strong&gt;: &lt;a href="https://tg-mcp.redevest.ru/setup" rel="noopener noreferrer"&gt;https://tg-mcp.redevest.ru/setup&lt;/a&gt;&lt;br&gt;
&lt;strong&gt;GitHub&lt;/strong&gt;: &lt;a href="https://github.com/leshchenko1979/fast-mcp-telegram" rel="noopener noreferrer"&gt;https://github.com/leshchenko1979/fast-mcp-telegram&lt;/a&gt;&lt;br&gt;
&lt;strong&gt;Docs&lt;/strong&gt;: &lt;a href="https://github.com/leshchenko1979/fast-mcp-telegram/blob/master/docs/" rel="noopener noreferrer"&gt;https://github.com/leshchenko1979/fast-mcp-telegram/blob/master/docs/&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;This post is AI-assisted. But nowadays, everything is, right?&lt;/em&gt;&lt;/p&gt;

</description>
      <category>telegram</category>
      <category>mcp</category>
      <category>ai</category>
    </item>
  </channel>
</rss>
