you mean a relay right?

in my relay it's not a requirement, but because there's no way for the client to initiate the AUTH my relay needs to send an AUTH out of the gate but if the client doesn't want to AUTH it's fine, they can keep using the relay, just with a "limited" view

whereas if a relay tells you "auth-required" that's a more explicit signal that you need to AUTH to talk to it (or at least to execute that filter) 

 yeah that is retarded

nip-11 already says auth-required

i send auth

i want auth

no auth

silence

ping pong ping pong ping pong

and no REQ

that's what works in the real world, i've kept my client open most of the time in order to gather intelligence about how retarded the clients are and that's my conclusion

unless you can forward a GTFO request upstream to your reverse proxy then just entertain them with silence