Command Palette

Search for a command to run...

UnylyUnyly
Browse all

IDig DNS Server

FreeNot checked

Exposes 19 professional DNS diagnostic tools from the iDig API, enabling AI clients to perform DNS lookups, email security audits, DNSSEC validation, propagatio

GitHubEmbed

About

Exposes 19 professional DNS diagnostic tools from the iDig API, enabling AI clients to perform DNS lookups, email security audits, DNSSEC validation, propagation checks, and more through natural language.

README

A remote MCP server exposing 19 professional DNS diagnostic tools from the iDig API — built by Kedar Bhave ( Softricks ).

Connect any MCP-compatible AI client (Claude Desktop, Cursor, Windsurf, and more) to real DNS infrastructure. Diagnose outages, audit email security, validate DNSSEC, check SSL certificates, trace propagation across 16 global resolvers, and more — all in plain English.

Live endpoint: https://mcp.softricks.net/sse


Quickstart

Claude Desktop

Edit ~/Library/Application Support/Claude/claude_desktop_config.json:

{
  "mcpServers": {
    "idig-dns": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "https://mcp.softricks.net/sse"
      ]
    }
  }
}

Restart Claude Desktop. You'll see idig-dns appear under Connectors.

Cursor / Windsurf

Add to your MCP settings:

{
  "mcpServers": {
    "idig-dns": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "https://mcp.softricks.net/sse"
      ]
    }
  }
}

Authentication

All tools require a token parameter. Get your token at api.softricks.net/idig/docs.


Tools

Tool Description
dns_lookup Look up any DNS record type: A, AAAA, MX, NS, TXT, SOA, CAA, SRV, CNAME, DS, TLSA, HTTPS, SVCB
resolve_check Resolution diagnostics — returns ok / nxdomain / servfail / timeout / degraded
diagnose Full diagnosis combining resolution + DNSSEC — start here when something is broken
email_security_audit SPF, DKIM, DMARC, and BIMI audit with A–F grade and prioritized fix recommendations
mx_check MX health + provider detection (Google Workspace, M365, Proofpoint, 35+ providers)
dnssec_validate DNSSEC chain of trust — returns secure / insecure / bogus / indeterminate
dnssec_health Key inventory, signature expiry, algorithm assessment, rollover readiness
propagation_check Check propagation across 16 global resolvers: Google, Cloudflare, Quad9, China, Korea, Russia
ssl_check Certificate validity, expiry countdown, domain match, issuer, chain completeness
ttl_check TTL advisory with step-by-step migration lowering plan
zone_consistency Compare all authoritative nameservers — catches lame delegation and SOA mismatches
subdomain_discover Probe 75 common subdomains + crt.sh Certificate Transparency logs — surfaces exposed dev/staging environments
geo_lookup Geolocation, ISP, ASN, CDN detection, hosting flag
domain_status EPP registrar lock status — transfer-ready, delete lock, serverHold, pendingDelete
blacklist_check IP blacklist / DNSBL check — Spamhaus, Barracuda, SpamCop, SORBS, and more
whois_lookup Parsed WHOIS data — registrar, expiry, domain age, nameservers, EPP status
http_check HTTP/HTTPS reachability — status codes, redirect chain, HSTS, HTTP→HTTPS redirect
zone_axfr AXFR zone transfer vulnerability check — tests if any NS allows public zone transfers
dane_validate DANE/TLSA validation — cross-validates TLSA records against live TLS certificate

Example prompts

My emails are going to spam for example.com — token is YOUR_TOKEN
Did my DNS changes propagate yet for example.com? token: YOUR_TOKEN
Run a full security audit on example.com, token YOUR_TOKEN
Is the SSL cert for example.com about to expire? token YOUR_TOKEN
We're migrating example.com to a new host next week — are the TTLs safe? token YOUR_TOKEN
What subdomains does example.com have exposed? token YOUR_TOKEN
Are any of example.com's IPs on a blacklist? token YOUR_TOKEN
Get WHOIS info for example.com — token YOUR_TOKEN
Is example.com reachable over HTTPS? token YOUR_TOKEN
Check if example.com is vulnerable to zone transfers — token YOUR_TOKEN
Validate DANE/TLSA records for example.com — token YOUR_TOKEN

Architecture

Claude Desktop / Cursor / Windsurf
        │
        │  MCP over SSE
        ▼
mcp.softricks.net          ← Railway (always-on Python/FastMCP server)
        │
        │  HTTPS
        ▼
api.softricks.net/idig     ← AWS Lambda (iDig REST API)
        │
        │  DNS queries
        ▼
Live DNS infrastructure

Self-hosting

Clone this repo and deploy your own instance:

git clone https://github.com/kbhave/MCP-Service-iDig
cd MCP-Service-iDig
pip install -r requirements.txt
python mcp_server.py

Or deploy to Railway in one click — connect your GitHub repo and Railway handles the rest.

Requirements:

  • Python 3.11+
  • mcp==1.26.0
  • httpx

Related


License

MIT

from github.com/kbhave/MCP-Service-iDig

Installing IDig DNS Server

This server has no published package — it is built from source. Open the repository and follow its README.

▸ github.com/kbhave/MCP-Service-iDig

FAQ

Is IDig DNS Server MCP free?

Yes, IDig DNS Server MCP is free — one-click install via Unyly at no cost.

Does IDig DNS Server need an API key?

No, IDig DNS Server runs without API keys or environment variables.

Is IDig DNS Server hosted or self-hosted?

Self-hosted: the server runs locally on your machine via the install command above.

How do I install IDig DNS Server in Claude Desktop, Claude Code or Cursor?

Open IDig DNS Server on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.

Related MCPs

Compare IDig DNS Server with

Not sure what to pick?

Find your stack in 60 seconds

Author?

Embed badge for your README

Browse similar

All communication MCPs