We do not allow users to connect to our IRC network over open proxies. These are automatically detected by a network services bot.

What is a proxy?

A proxy is a piece of software that allows other computers to "bounce" connections through the computer it is installed on allowing other computers to access the internet through it. This can allow access to the internet from networks which do not have a direct internet connection.

So why aren't they allowed?

We have no problem with correctly configured proxies, they are sometimes the only way it is possible for someone to gain internet access. However when a proxy is misconfigured to allow access to anyone on the internet (often called an open proxy) it can be used by anyone on the internet to "bounce" their connections through your system. This type of misconfigured proxy is an annoyance to the internet community as a whole because they allow abusers to hide behind someone else's address. This can be abused by spammers to anonymously send unsolicitied email ("spam"), to anonymously connect to a chat network such as IRC or to access (and possibily abuse) websites in an anonymous fashion.

How does this affect IRC?

If you have been on IRC for any length of time, you have probably seen an attack using open proxies at least once. Hundreds of clients will enter a channel, often with random nick names, and start sending large amounts of coloured channel and CTCP messages. Commonly they will leave and join the channel rapidly in order to cause more disruption.

Without completely locking up the channel, there is no effective way to stop the flood. Even if the channel is locked up, the floods of text can be sent to individual users and will usually be enough to disconnect them.

Most of these types of attacks use open proxies because open proxies are relatively easy to come by.  Lists of them are readily available over the Internet. So this is why many IRC networks do not allow them. If you have to use a proxy, it should be configured correctly.

How can I fix it?

There are many different types of proxy software, in all cases you need to make sure that your proxy is configured to only allow the IP addresses within your own network access to it. A proxy which does not allow external access is considered secure. There are some types of proxy such as tor which have the express purpose of allowing anonymous access to services and as a result we choose to competely deny access to IP addresses running tor exit nodes.

If you are not using any kind of proxy software then it is likely a trojan or virus has infected your system. We recommend you perform a full virus scan with up-to-date virus defintions. If you do not have a virus scanner try AVG Anti-Virus Free.

If you believe that a K:Line was set by our automated proxy detection in error, submit a K:Line appeal ticket at our support site giving your IP and any other information that could help to explain why the proxy detection was triggered.