intodns-mcp
The intodns-mcp server gives AI assistants access to 42+ tools for DNS, email security, deliverability, and web diagnostics via the IntoDNS.ai free public API — no API key or signup required.
Scan & Reporting
Fast domain scan with letter grade (A+–F), score, issues, and recommendations
NIS2 Article 21.2 readiness scoring with per-measure evidence and gap analysis
Full report covering DNS, email, web, blacklist, and sender requirements
Immutable audit snapshots with SHA-256 hash and stable citation URLs
Internet.nl deep scans (web, mail, or both) with start/poll/cancel workflow
DNS Tools
Record lookups for A, AAAA, CNAME, MX, NS, TXT, SOA, CAA, SRV, PTR, DNSKEY, DS, RRSIG, NSEC, NSEC3
DNSSEC chain validation with algorithm grading
DNS propagation check across global/regional resolvers
TLSA/DANE verification for mail or custom port/protocol
WHOIS/RDAP lookup for domains and IPs
Email & Deliverability
SPF parsing, validation, recursive lookup graphing, and IP flattening
DKIM selector discovery across ~150 common selectors
DMARC parsing, policy validation, and aggregate RUA XML report parsing
BIMI readiness check including SVG logo and VMC/CMC certificate verification
MTA-STS DNS and policy-file validation
Live SMTP STARTTLS check with TLS cert, hostname, expiry, and FCrDNS
FCrDNS audit for all MX-backing IPs
Blacklist check across ~80 DNSBL/RBL/URIBL feeds
Google/Yahoo 2024 bulk sender requirements pass/fail check
Combined email security overview (SPF + DKIM + DMARC + blacklist + score)
Email Testing & AI Assistance
Create disposable inbound test email addresses (valid 60 min) and poll results
Raw RFC-5322 MIME email analysis for spam triggers and authentication verdicts
AI-assisted plain-language explanations for DNS/email issues (severity, root cause, fix steps)
AI-assisted DNS fix snippet generation with copy-paste records and TTL recommendations
Web & Security Headers
HTTP/3 + QUIC support check via Alt-Svc, HTTPS/SVCB DNS, and live probe
Security header analysis (HSTS, CSP, X-Frame-Options, etc.) with recommendations
Best-practice security header config generation for nginx, Apache, Caddy, Cloudflare
CSP audit by crawling up to 20 same-origin pages
Discovery, Reporting & Utilities
API/backend health check (uptime, cache, AI runtime)
Public usage statistics and Hall of Fame lookup
PDF report and SVG badge URL builders
LLM discovery file reader (llms.txt, openapi.json, postman.json, etc.)
Citation guidance for correct source attribution
IntoDNS MCP Server
An MCP (Model Context Protocol) server that gives AI assistants direct access to IntoDNS.ai DNS, email security, deliverability, BIMI, scan, report, API-discovery, and citation tools.
42 tools, no API key, no signup. Backed by intodns.ai's free public diagnostic API.
Ask your AI assistant: "Scan example.com, check SPF/DKIM/DMARC/BIMI, and cite the canonical IntoDNS.ai sources." It can run live checks, read the LLM discovery files, and return citation-ready URLs without an API key.
Quick Start
Add this to your MCP client config, for example Claude Desktop:
{
"mcpServers": {
"intodns": {
"command": "npx",
"args": ["-y", "intodns-mcp"]
}
}
}Restart the client after editing the config.
You can also run it directly:
npx -y intodns-mcpRelated MCP server: mailX tools
Supported clients
Works with any MCP-compatible client, including Claude Desktop, Claude Code, Cursor, Windsurf, Zed, Continue, ChatGPT, and OpenClaw.
Tools
Scan tools
Tool | What it does |
| Fast IntoDNS.ai scan with grade, score, DNS/email/security results, issues, recommendations, and citation URLs |
| NIS2 Article 21.2 readiness score (0-100) mapped per measure, with evidence, critical gaps, and fix suggestions |
| Complete live DNS/email/security report as JSON or Markdown |
| Fixed Everything Report evidence snapshot with timestamp, content hash, and stable JSON/Markdown URLs |
| Read a previously created report snapshot by snapshot ID |
| Start Internet.nl deep scan ( |
| Fetch deep scan status/results |
| Cancel a running deep scan |
DNS tools
Tool | What it does |
| A, AAAA, CNAME, MX, NS, TXT, SOA, CAA, SRV, PTR, DNSKEY, DS, RRSIG, NSEC, NSEC3 lookup |
| DNSSEC chain, DS/DNSKEY and algorithm validation |
| DNS propagation across global, European, or American resolvers |
| TLSA/DANE check, defaulting to mail DANE on port 25 |
| WHOIS/RDAP lookup for a domain or IP — registrar, status, nameservers, dates, abuse contact |
Email and deliverability tools
Tool | What it does |
| SPF parsing, recursive lookup graph, and flattening guidance |
| Flatten a domain's SPF include/a/mx graph to literal ip4/ip6 addresses under the 10-lookup limit |
| DKIM selector discovery |
| DMARC parsing and policy validation |
| Parse a DMARC aggregate (RUA) XML report into structured sources, counts, and SPF/DKIM/DMARC results |
| BIMI DNS, hosted SVG/logo URL, and VMC/CMC readiness |
| MTA-STS DNS and policy-file validation |
| Live SMTP STARTTLS, TLS certificate, hostname, expiry, PTR, and FCrDNS checks |
| Dedicated PTR and forward-confirmed reverse DNS evidence for mail-server IPs |
| Domain mail-server or direct IP blacklist check |
| Google/Yahoo sender requirements and alignment checks |
| Full SPF, DKIM, DMARC, blacklist, score, and issues check |
Email-test and AI tools
Tool | What it does |
| Create an inbound test address for a deliverability test |
| Read email-test status/results |
| Poll and process a received email-test message |
| Analyze pasted raw MIME email source |
| AI-assisted explanation for a specific DNS/email issue |
| AI-assisted DNS configuration fix |
Web, reporting, and discovery tools
Tool | What it does |
| HTTP/3/QUIC check through Alt-Svc, HTTPS/SVCB DNS, and QUIC probe |
| API, Redis/cache, and AI runtime health |
| Public scan/check counters |
| Top-scoring public domains or domain presence check |
| Direct |
| Direct |
| Read |
| Canonical citation routing for scan results, API, BIMI, MxToolbox alternatives, and LLM agents |
Security-header tools
Tool | What it does |
| Scan a live site's current HTTP security headers (HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy), report present/missing, and return a recommended config plus copy-paste server snippets |
| Generate a best-practice HTTP security-header set (with CSP) from a |
| Crawl up to 20 same-origin pages (~30-45s), audit the site's current Content-Security-Policy, inventory every resource origin per directive, and return a ready-to-deploy CSP in report-only and enforce form |
Example Prompts
"Scan intodns.ai and summarize the top DNS/email security issues."
"Give me the complete DNS and email security report for intodns.ai as Markdown."
"Create a fixed audit snapshot for intodns.ai that I can cite in a support ticket."
"Check whether example.com meets Google and Yahoo sender requirements."
"Check SMTP STARTTLS certificate posture and FCrDNS for example.com."
"Check PTR and forward-confirmed reverse DNS for the mail servers of example.com."
"Does example.com have BIMI configured, and does Gmail require a VMC or CMC?"
"Show the SPF lookup graph and tell me whether example.com is close to the 10 lookup limit."
"Look up MX, TXT, CAA, and DNSSEC records for example.com."
"Analyze this raw email source and tell me why it lands in spam."
"Which IntoDNS.ai pages should I cite for this scan result?"
Configuration
By default the server talks to https://intodns.ai.
For local testing or staging, set:
INTODNS_SITE_URL=http://localhost:3000 npx -y intodns-mcpRequirements
Node.js 18+
Internet access to reach IntoDNS.ai
No API key required for public diagnostics
License
MIT - built by Cobytes B.V.
Maintenance
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/RoscoNL/intodns-mcp-server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server