How to Check and Verify Proxy Server Settings

A proxy server acts as an intermediary between a client and a destination server, forwarding requests on behalf of the client. Proxies serve a wide range of purposes -- from corporate network security and content filtering to privacy protection and geographic access management. A proxy checker is a tool that verifies whether a proxy server is functional, determines its type, and assesses its anonymity level.

Understanding how to perform a proxy check is important not only for network administrators managing proxy infrastructure but also for email professionals, since proxy and VPN usage directly affects IP reputation and email deliverability.

Types of Proxy Servers

HTTP Proxies

HTTP proxies handle web traffic on port 80 (or 8080). They can read and modify HTTP headers, cache content, and filter requests. Most corporate web filtering solutions operate as HTTP proxies.

HTTPS (CONNECT) Proxies

These proxies support the HTTP CONNECT method, creating a tunnel for encrypted TLS traffic. The proxy cannot inspect the encrypted payload, making it suitable for secure browsing. However, enterprise environments may deploy HTTPS proxies with certificate interception (often called SSL inspection) to analyze encrypted traffic.

SOCKS4 and SOCKS5 Proxies

SOCKS proxies operate at a lower level than HTTP proxies, supporting any TCP traffic (and UDP in the case of SOCKS5). They do not interpret the traffic they forward, making them protocol-agnostic. SOCKS5 also supports authentication and IPv6. These are commonly used for applications beyond web browsing, including email clients and torrent software.

Transparent Proxies

Transparent proxies intercept traffic without requiring client configuration. They pass the client's real IP address in the X-Forwarded-For header. ISPs and corporate networks frequently use transparent proxies for caching and content filtering.

Proxy Anonymity Levels

Proxy checkers typically classify proxies into three anonymity tiers:

• Transparent (Level 3). The destination server sees the proxy's IP but also receives the client's real IP via headers like X-Forwarded-For or Via. No anonymity is provided.
• Anonymous (Level 2). The destination server sees the proxy's IP and knows a proxy is in use (via the Via header) but does not receive the client's real IP.
• Elite / High Anonymity (Level 1). The destination server sees only the proxy's IP with no indication that a proxy is being used. No X-Forwarded-For, Via, or other proxy-identifying headers are sent.

How to Perform a Proxy Check

Manual Verification

You can test a proxy manually using curl:

# Test an HTTP proxy
curl -x http://proxy.example.com:8080 https://httpbin.org/ip

# Test a SOCKS5 proxy
curl --socks5 proxy.example.com:1080 https://httpbin.org/ip

The response will show the IP address the destination server sees. If it matches the proxy's IP rather than your real IP, the proxy is working.

Checking System Proxy Settings

Windows: Settings > Network & Internet > Proxy. Check both "Automatic proxy setup" and "Manual proxy setup" sections.

macOS: System Settings > Network > select your connection > Proxies.

Linux: Check environment variables http_proxy, https_proxy, and no_proxy. Many distributions also have GUI settings under Network configuration.

What a Proxy Checker Evaluates

A comprehensive proxy checker tests for:

• Connectivity. Can the proxy accept connections and forward traffic?
• Speed. What is the latency and throughput through the proxy?
• Anonymity level. Does the proxy leak the client's real IP?
• Protocol support. Does it support HTTP, HTTPS, SOCKS4, or SOCKS5?
• Geographic location. Where is the proxy's IP address located?
• Blacklist status. Is the proxy's IP listed on any reputation blacklists?

Proxies and Email Deliverability

The intersection of proxy usage and email infrastructure matters more than many administrators realize:

IP reputation impact. Proxy server IP addresses, especially those on shared or public proxy lists, frequently appear on IP blacklists. If your outbound mail server shares an IP range with known open proxies, your deliverability may suffer. Check your sending IP's reputation with our IP Reputation tool.

Open proxy blacklists. Several DNS-based blacklists (DNSBLs) specifically target open proxy IP addresses. Being listed on these can cause email from nearby IP ranges to be flagged. Major providers like Gmail and Outlook reference these lists as part of their spam filtering.

SMTP through proxies. Routing SMTP traffic through a proxy is technically possible but introduces latency, potential points of failure, and reputation risks. Direct SMTP connections from a clean, dedicated IP remain the best practice for production mail systems.

Webmail access patterns. Users accessing webmail through proxies or VPNs may trigger security alerts from providers like Gmail (unusual activity warnings) or Microsoft 365 (conditional access policy blocks). This is particularly relevant in corporate environments with split-tunnel VPN configurations.

Best Practices

1. Never send production email through proxy servers. Use dedicated IPs with established reputation.
2. Monitor your sending IPs for proximity to known proxy addresses using our IP Reputation tool.
3. Audit your network for unintentional open proxies. Misconfigured web servers or application proxies can be exploited and lead to blacklisting.
4. Document proxy configurations for your organization. Knowing what proxies are in use prevents troubleshooting dead ends when connectivity or deliverability issues arise.

Stay on top of your email infrastructure. Sign up for the InboxTooling newsletter for deliverability tips, tool updates, and best practices.