How do I use iDig DNS MCP Server?

1. Click on "Install Server". 2. Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state. 3. In the chat, type @ followed by the MCP server name and your instructions, e.g., "@iDig DNS MCP Server email security audit for example.com token abc123" That's it! The server will respond to your query, and you can continue using it as needed. Here is a step-by-step guide with screenshots.

iDig DNS MCP Server

by kbhave

Overview Schema Related Servers Score Discussions

Python

Hybrid

iDig DNS MCP Server

A remote MCP server exposing 19 professional DNS diagnostic tools from the iDig API — built by Kedar Bhave ( Softricks ).

Connect any MCP-compatible AI client (Claude Desktop, Cursor, Windsurf, and more) to real DNS infrastructure. Diagnose outages, audit email security, validate DNSSEC, check SSL certificates, trace propagation across 16 global resolvers, and more — all in plain English.

Live endpoint: https://mcp.softricks.net/sse

Quickstart

Claude Desktop

Edit ~/Library/Application Support/Claude/claude_desktop_config.json:

{
  "mcpServers": {
    "idig-dns": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "https://mcp.softricks.net/sse"
      ]
    }
  }
}

Restart Claude Desktop. You'll see idig-dns appear under Connectors.

Cursor / Windsurf

Add to your MCP settings:

{
  "mcpServers": {
    "idig-dns": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "https://mcp.softricks.net/sse"
      ]
    }
  }
}

Authentication

All tools require a token parameter. Get your token at api.softricks.net/idig/docs.

Related MCP server: DNSDumpster MCP Server

Tools

Tool	Description
`dns_lookup`	Look up any DNS record type: A, AAAA, MX, NS, TXT, SOA, CAA, SRV, CNAME, DS, TLSA, HTTPS, SVCB
`resolve_check`	Resolution diagnostics — returns ok / nxdomain / servfail / timeout / degraded
`diagnose`	Full diagnosis combining resolution + DNSSEC — start here when something is broken
`email_security_audit`	SPF, DKIM, DMARC, and BIMI audit with A–F grade and prioritized fix recommendations
`mx_check`	MX health + provider detection (Google Workspace, M365, Proofpoint, 35+ providers)
`dnssec_validate`	DNSSEC chain of trust — returns secure / insecure / bogus / indeterminate
`dnssec_health`	Key inventory, signature expiry, algorithm assessment, rollover readiness
`propagation_check`	Check propagation across 16 global resolvers: Google, Cloudflare, Quad9, China, Korea, Russia
`ssl_check`	Certificate validity, expiry countdown, domain match, issuer, chain completeness
`ttl_check`	TTL advisory with step-by-step migration lowering plan
`zone_consistency`	Compare all authoritative nameservers — catches lame delegation and SOA mismatches
`subdomain_discover`	Probe 75 common subdomains + crt.sh Certificate Transparency logs — surfaces exposed dev/staging environments
`geo_lookup`	Geolocation, ISP, ASN, CDN detection, hosting flag
`domain_status`	EPP registrar lock status — transfer-ready, delete lock, serverHold, pendingDelete
`blacklist_check`	IP blacklist / DNSBL check — Spamhaus, Barracuda, SpamCop, SORBS, and more
`whois_lookup`	Parsed WHOIS data — registrar, expiry, domain age, nameservers, EPP status
`http_check`	HTTP/HTTPS reachability — status codes, redirect chain, HSTS, HTTP→HTTPS redirect
`zone_axfr`	AXFR zone transfer vulnerability check — tests if any NS allows public zone transfers
`dane_validate`	DANE/TLSA validation — cross-validates TLSA records against live TLS certificate

Example prompts

My emails are going to spam for example.com — token is YOUR_TOKEN

Did my DNS changes propagate yet for example.com? token: YOUR_TOKEN

Run a full security audit on example.com, token YOUR_TOKEN

Is the SSL cert for example.com about to expire? token YOUR_TOKEN

We're migrating example.com to a new host next week — are the TTLs safe? token YOUR_TOKEN

What subdomains does example.com have exposed? token YOUR_TOKEN

Are any of example.com's IPs on a blacklist? token YOUR_TOKEN

Get WHOIS info for example.com — token YOUR_TOKEN

Is example.com reachable over HTTPS? token YOUR_TOKEN

Check if example.com is vulnerable to zone transfers — token YOUR_TOKEN

Validate DANE/TLSA records for example.com — token YOUR_TOKEN

Architecture

Claude Desktop / Cursor / Windsurf
        │
        │  MCP over SSE
        ▼
mcp.softricks.net          ← Railway (always-on Python/FastMCP server)
        │
        │  HTTPS
        ▼
api.softricks.net/idig     ← AWS Lambda (iDig REST API)
        │
        │  DNS queries
        ▼
Live DNS infrastructure

Self-hosting

Clone this repo and deploy your own instance:

git clone https://github.com/kbhave/MCP-Service-iDig
cd MCP-Service-iDig
pip install -r requirements.txt
python mcp_server.py

Or deploy to Railway in one click — connect your GitHub repo and Railway handles the rest.

Requirements:

Python 3.11+
mcp==1.26.0
httpx

iDig REST API docs: https://api.softricks.net/idig/docs
DNS Doctor AI Agent: https://agent.softricks.net
iOS App: https://apps.apple.com/us/app/softricks-idig/id522550738

License

MIT

This server cannot be installed

license - not found

quality - not tested

maintenance

How are these scores calculated?

Maintenance

–Maintainers

–Response time

–Release cycle

–Releases (12mo)

Commit activity

Resources

GitHub Repository

Need Help?

Related Servers

Unclaimed servers have limited discoverability.

Looking for Admin?

If you are the server author, to access and configure the admin panel.

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/kbhave/MCP-Service-iDig'

If you have feedback or need assistance with the MCP directory API, please join our Discord server