MCP for DNS: How to Talk to Your Domains

Before we talk about the Model Context Protocol — or any specific AI assistant, or any specific tool — you need a clear picture of a quiet revolution that has been happening inside AI products over the last two years. It's a revolution called tool use, and it changes what an AI assistant is capable of in a way that is very hard to describe until you have actually seen it work.

Here is the core idea. The kind of AI you have probably used — Claude, ChatGPT, Gemini — is a large language model (LLM). An LLM is, fundamentally, a piece of software that has read a huge fraction of the public internet and learned to predict what text should come next given some text. It can write, summarize, translate, and reason about almost anything you put in front of it. But it has one significant limitation: by itself, it has no access to anything outside its training data. It cannot look up today's weather. It cannot read a file on your computer. It cannot send an email. It cannot check whether your website is online right now. It is a brilliant intern with a photographic memory of the world up to its training cutoff and a complete absence of access to the real, live systems you actually care about.

For most of the early history of LLMs (2022 to 2023), users worked around this by copying and pasting. You ran a tool yourself, copied the output into your AI chat, and asked the AI to interpret it. Slow, manual, and error-prone — but functional. Then in late 2023 the model providers started adding a feature called tool use (sometimes called "function calling"). The idea is simple: tell the model that a set of functions exists, describe what each one does, and let the model decide on its own when to call them. The model can now ask the world questions, get structured answers back, and use those answers to compose its reply. The brilliant intern just got their first set of office keys.

There was one problem with the early tool-use systems: every model provider had a slightly different way of describing tools, and every developer had to write a new integration for every model. If you built a tool for Claude, you had to rewrite it for ChatGPT. The same code in three places, three different formats, three different bug surfaces. The internet community needed a shared standard.

That shared standard is the Model Context Protocol, usually called MCP. It was created by Anthropic — the company behind Claude — and released as an open specification in late 2024. Think of MCP as the USB-C port for AI tool use: a single connector that any AI client can plug into, and a single connector that any tool provider can expose. Once a tool server speaks MCP, every MCP-compatible AI client can use it without any extra integration work. As of 2025, that list of clients includes Claude Desktop, Claude Code, Cursor, Windsurf, Cline, the ChatGPT Responses API, the Gemini CLI, and a long tail of community projects. The list grows every month.

This is the part that makes MCP feel like a quiet revolution. Before MCP, hooking an AI assistant up to your real systems required custom code, custom auth, custom error handling, custom everything. After MCP, the entire setup is one URL and (optionally) one API key. You add a single block to a config file, restart your AI client, and the AI now has access to a whole catalog of new tools — and it picks the right one to use, automatically, based on whatever you ask. The only thing left for you to do is have a conversation. The rest of this guide is about the specific MCP server EdgeDNS runs and how to use it, but everything in the next four sections sits on top of this one core idea: AI can now reach into the real world, and you do not have to write a line of code to make it happen.

MCP (Model Context Protocol) is an open standard — created by Anthropic, the company behind Claude — that lets AI assistants talk to real tools and real data, not just to whatever they were trained on.

Think of an AI assistant like a brilliant intern who knows a lot of stuff in general but has no access to your actual systems. MCP is the keychain of office passes that intern uses to actually go check things, run reports, and look stuff up. With MCP, the AI can stop guessing and start knowing.

An MCP server is a service that exposes a set of tools (functions the AI can call) and resources (data the AI can read) to any MCP-compatible AI client. The AI gets to decide when to use them. You don't have to write any code, configure any callbacks, or memorize any commands — you just talk.

EdgeDNS runs an MCP server at `mcp.edgedns.dev` that exposes 90+ tools for DNS, email security, certificates, threat intelligence, and more. Any AI client that speaks MCP — Claude Code, Claude Desktop, ChatGPT through the Responses API, Gemini CLI, Cursor, Windsurf, Cline — can connect to it in about a minute.

Let's skip the marketing fluff and answer the only question that actually matters: why should you, a real human with a real to-do list, care about MCP for DNS and domain intelligence? Here's the plain-English version, written the way you'd hear it from a friend who happens to do this for a living.

The first reason is practical: it removes a translation layer that used to consume hours of your week. DNS (Domain Name System), email authentication, certificate management, security headers, performance metrics, SEO (Search Engine Optimization) audits — all of this is technical, structured, jargon-heavy data. Without an AI translator, you have to either learn the jargon yourself or schedule time with someone who already has. With an AI translator, you ask the question in plain English and get the answer in plain English, and the entire technical layer between the two is invisible.

The second reason is leverage: the AI can chain together multiple checks without you having to manage the workflow. A question like "is my email setup working correctly?" is actually four questions in a trench coat — check SPF, check DKIM, check DMARC, check the score. With MCP, the AI runs all four tools, reads the results, and gives you one consolidated answer. Without MCP, you would run the four tools one at a time and stitch the results together yourself.

Picture this in real life. A founder of a small B2B SaaS gets an alert from a customer that their cold-email campaign has "completely stopped getting replies." The founder is not technical. In the old world, she would have to find a developer, explain the problem, watch the developer run a series of tools, and then translate the developer's findings back into a customer-friendly response. With MCP connected to her AI assistant, she opens Claude and types: "Run a complete email security check on my domain and also check whether we're on any of the public spam blocklists." The AI runs five tools in 30 seconds, reads the results, and replies: "Your DMARC record was changed two weeks ago to `p=reject` with `sp=reject` and strict alignment. Your transactional email service was added to your SPF record but not to your DKIM signing domain, so every transactional email is now failing DMARC alignment and getting rejected by Gmail. Here's the one-line fix." The whole thing took her 45 seconds. Without MCP, the same conversation would have taken her at least an hour and required a developer in the room.

Three questions this tool answers in plain English. If any of these have ever crossed your mind, MCP for DNS is built for you:

• Can I just ask my AI assistant about my domain instead of running a bunch of tools and copying the results into chat?

• Is there a single place where Claude, ChatGPT, and Gemini can all access the same set of DNS, security, SEO, and threat-intel checks?

• Can the AI run several checks at once and consolidate the results into one answer?

The answer to all three is yes, and it is the same MCP server in every case.

Who gets the most out of this guide. Non-technical founders trying to grow without a full-time DevOps hire, marketers debugging deliverability issues, sales teams qualifying prospects in real time during a call, IT admins running quick health checks before a meeting, security teams responding to incidents under time pressure, and developers automating repetitive checks inside their AI-driven workflows. If you have ever wished you could just ask a question instead of running a tool, MCP is for you.

What happens if you skip this entirely. You stay in the world of copy-paste between tabs, manually translating jargon, and scheduling time with developers for questions that should take 30 seconds. MCP does not invent new capabilities — every tool it exposes exists in EdgeDNS as a regular API endpoint — but it removes the friction layer that keeps non-technical users from ever touching them. The friction layer is the entire problem. Removing it is what makes the whole experience feel transformative.

If you're still on the fence about whether the EdgeDNS MCP server belongs in your toolbox, this section is for you. Below you'll meet five real conversations that real people have with their AI assistants once MCP is connected. These aren't hypothetical — they're the most common ones we hear about. Each one is something you could try yourself within five minutes of finishing the setup section below.

Conversation 1: Email deliverability audit across multiple domains

Imagine you're a marketing operations manager at a 200-person company. You have three customer-facing domains and you have no idea whether email authentication is set up correctly on any of them. You open Claude and type:

"Check the email authentication setup for example.com, brand.com, and newsletter.co. For each one, tell me whether SPF, DKIM, and DMARC are correctly configured. Then give me a single consolidated table I can share with my CTO with the most important fixes prioritized."

The AI runs SPF, DKIM, DMARC, and email-score tools on each domain, reads the results, and gives you a consolidated table in about 20 seconds. Why it matters: The same task done manually would take you about an hour of clicking around three different DNS providers and three different EdgeDNS tool tabs.

Conversation 2: Pre-deployment DNS verification

Imagine you're an ops engineer in the middle of a maintenance window. You just changed the A record for `api.example.com` to point at the new region. You need to know whether it's safe to declare success and close the window. You type:

"I just changed the A record for api.example.com to 203.0.113.50. Has it propagated to all the major public DNS resolvers? If not, how much longer should I wait?"

The AI runs the DNS propagation tool against Google, Cloudflare, OpenDNS, and Quad9, reports the percentage of resolvers that have the new answer, and gives you an estimate of when full propagation will complete. Why it matters: This is the difference between confidently closing a maintenance window on time and waiting an extra 30 minutes "just in case."

Conversation 3: Sales-call security assessment

Imagine you're an account executive prepping for a sales call with a potential enterprise customer. You want to walk in already knowing the prospect's domain security posture so you can tailor the pitch. You type:

"Give me a complete security assessment of competitor.com. I want letter grades for SSL/TLS, security headers, DNSSEC, email authentication, and overall threat posture, plus a one-paragraph executive summary I can paste into my call notes."

The AI runs more than a dozen tools, summarizes the results, and gives you exactly what you asked for — formatted, written in plain English, ready to paste. Why it matters: Walking into an enterprise sales call already knowing the prospect's security posture is the kind of preparation that closes deals.

Conversation 4: Customer-reported issue triage

Imagine you're the on-call engineer at a small company. A customer just reported that they're getting SSL certificate errors when they visit your checkout page from Europe. You type:

"My customers in Europe are getting SSL errors on checkout.example.com but not on the main example.com domain. Help me diagnose what's wrong — check the certificate chain, the supported TLS versions, the OCSP revocation status, and whether different DNS resolvers see different IPs."

The AI runs the four checks, reads the results, and tells you exactly which one is broken. In one common scenario the answer is "the intermediate certificate is missing from the chain on the new server, which is why Chrome on macOS works but Firefox on Linux doesn't." Why it matters: Customer-facing incidents are the highest-stakes, lowest-blame moments in any IT job. AI-driven triage cuts the mean time to resolution dramatically.

Conversation 5: Compliance evidence gathering

Imagine you're the one IT person at a fintech going through SOC 2. The auditor wants documented proof of email authentication, SSL hygiene, and DNSSEC across all customer-facing domains. You type:

"Run a complete domain security audit on these eight domains and format the results as audit-ready evidence with timestamps, control mappings, and remediation steps for any findings."

The AI runs the audit, formats the output, and saves you what would otherwise be a half-day of spreadsheet work. Why it matters: Compliance is exactly the kind of repetitive structured work where AI-driven automation removes hours from your week, every quarter.

Common situations across teams. Beyond the five conversations above, here are the everyday workplace moments when people across the company reach for an AI assistant connected to the EdgeDNS MCP server. If any of these are on your calendar this week, that's your sign:

• Right before launching a new website, domain, or marketing campaign.

• After making any DNS or email change, to confirm the new settings are working.

• When a customer reports a problem you can't immediately reproduce.

• During a sales call, security review, or compliance audit.

• As a recurring weekly or monthly health check.

Still not sure? Connect the EdgeDNS MCP server to your favorite AI assistant — it takes less than a minute and the free tier is enough for personal use — and just ask it: "What can you do for my domain?" The assistant will list its tools, ask you a follow-up question or two, and show you something useful within the first conversation.

The EdgeDNS MCP server exposes 90+ tools across these categories. Each one is a single function the AI can call autonomously, and each one is documented so the AI knows exactly when and how to use it.

DNS records — look up A, MX, NS, TXT, CAA, DNSSEC (Domain Name System Security Extensions) records, check propagation across global resolvers, find wildcard configurations, audit zone transfer settings.

Email security — check SPF, DKIM, DMARC, BIMI, MTA-STS, validate email addresses, score the overall email security of a domain.

Website security — analyze security headers, audit SSL/TLS (Secure Sockets Layer / Transport Layer Security) configuration, check certificate chains, monitor Certificate Transparency logs, detect web application firewalls.

SEO (Search Engine Optimization) and content — run technical SEO audits, check Core Web Vitals, validate structured data, analyze sitemaps and robots files.

Tech stack detection — fingerprint the Content Management System (CMS), JavaScript framework, analytics tools, hosting provider, and CDN behind any website.

Performance — measure compression support, caching headers, HTTP version, response times, page weight.

Threat intelligence — check Internet Protocol address (IP) reputation, detect proxies and Tor exit nodes, look up domain threats, find typosquatting variations.

Network — IP geolocation, reverse DNS, Autonomous System Number (ASN) lookups, real ICMP ping and traceroute from 18 global regions.

Composite reports — one tool that runs dozens of underlying checks and returns a complete picture of a domain in one call. Perfect for "give me everything you know about example.com."

Connecting the EdgeDNS MCP server to your AI assistant is genuinely fast. Here's the config for the most popular clients:

Claude Code or Claude Desktop: add an entry to your MCP settings file.

Cursor: Settings → MCP Servers → Add server → paste the URL.

ChatGPT (through the Responses API): add the URL as a tool source.

Gemini CLI: add an entry to your `mcp.json` file.

Whether you use the free or authenticated version is up to you: - Without an API key: you get the public free tier — about 200 lookups per month, 5 per minute. Perfect for casual personal use. - With an API key (a string starting with `edns_live_`): you get your full plan's rate limits. The free plan is enough for individuals; the Developer and Pro plans support higher volumes for teams.

Both versions expose the same 90+ tools — the only difference is rate limits.

Here's the fastest possible way to try this:

1. If you use Claude Code or Claude Desktop, add the MCP config from above to your settings file. (Or use any other MCP-compatible AI tool — the steps are similar.)

2. Restart your AI client. It will discover the EdgeDNS tools automatically.

3. Start a new conversation and try this: "Run a complete email security check on gmail.com and explain the results."

What happens next: the AI will autonomously call several tools (`security_spf`, `security_dkim`, `security_dmarc`, `score_email`), wait for each to return, and then give you a friendly plain-language assessment of Gmail's email setup with letter-grade scores and any issues it found.

From there, ask follow-up questions in plain English: "Is that better or worse than yahoo.com?" "What would you change if it were our domain?" "Can you check my domain too?"

The free tier gives you 200 requests per month and 5 per minute — plenty for individual exploration and casual use. The Developer and Pro plans support much higher volumes for automated workflows and team use, and they all use the same MCP server.

MCP (Model Context Protocol) — the open standard for letting AI assistants call real tools and read real data.

LLM (large language model) — the kind of AI behind tools like Claude, ChatGPT, and Gemini. It generates text by predicting what should come next based on a huge amount of training data. MCP gives LLMs a way to act on the real world.

API (Application Programming Interface) — a way for one program to ask another program for something. EdgeDNS has both a REST API (for code) and an MCP server (for AI).

DNS (Domain Name System) — the internet's address book. Most of the EdgeDNS MCP tools let the AI ask DNS questions.

SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), DMARC (Domain-based Message Authentication, Reporting and Conformance) — the three email authentication standards. The AI can check all three with a single conversation.

SSL/TLS (Secure Sockets Layer / Transport Layer Security) — the encryption that puts the "S" in HTTPS. The AI can check whether your certificates are valid and which protocol versions you support.

Bearer token — a string you put in an HTTP header to authenticate yourself. Your EdgeDNS API key (starting with `edns_live_`) is a bearer token.

Free tier — the version of EdgeDNS you can use without paying. It includes full MCP access, 200 lookups per month, and no credit card required.