Free checker - no signup required

Free BIMI Checker

Check default._bimi, hosted SVG logo reachability, DMARC enforcement readiness, and VMC/CMC authority URL before buying a mark certificate.

Run the check

Enter a domain to check it live against the IntoDNS.ai engine. No signup, no trial gating.

What this BIMI checker verifies

This tool reads the BIMI TXT record at default._bimi.<your-domain>, confirms it begins with v=BIMI1, and extracts the l= logo URL and the optional a= authority (VMC/CMC) URL. It then fetches the hosted logo to check that it is reachable over HTTPS and served as an SVG, and — if an authority URL is present — inspects the certificate endpoint to determine whether it is a Verified Mark Certificate, a Common Mark Certificate, and how long it is valid. The result tells you whether your BIMI setup is ready to display a logo.

Why BIMI matters

BIMI lets your verified brand logo appear next to your messages in supporting inboxes instead of a generic avatar, which improves recognition and signals a strong authentication posture. Critically, BIMI is gated on DMARC: a mailbox provider will only display your logo if your domain enforces DMARC at p=quarantine or p=reject. So BIMI both rewards and depends on a fully deployed authentication stack. For Gmail specifically, a certificate-backed path (VMC or CMC) is also required, which carries real cost — so checking readiness before you buy a certificate avoids wasted spend.

How to read the result

A valid record with a reachable HTTPS SVG logo means your DNS side is ready. If there is no authority URL, your logo can still display in clients that do not require a certificate (Apple Mail, Yahoo, Fastmail in many deployments) but not in Gmail. If an authority URL is present, the certificate type matters: a VMC unlocks Gmail and shows the blue verified checkmark, a CMC also works for Gmail but without the trademark-backed checkmark. The biggest gotcha the result surfaces indirectly: even a perfect BIMI record displays nothing until DMARC is enforced — confirm that with the DMARC checker first.

Common failure causes and fixes

The number-one reason a logo does not appear is DMARC not being at quarantine or reject — fix DMARC before anything else. The logo must be SVG Tiny Portable/Secure (SVG Tiny P/S): square, solid background, no scripts or external references, typically under 32KB, and hosted on a stable HTTPS URL with a valid certificate; ordinary SVG, PNG, or JPEG will not work. For Gmail, you must add a VMC or CMC at the a= URL, which requires a registered trademark for a VMC. Re-run this checker after publishing the record, and verify DMARC enforcement separately before expecting any client to render the logo.

Check readiness before buying a certificate

A VMC carries a real annual cost and requires a registered trademark, so the worst outcome is paying for one only to find your logo still does not display because of an unenforced DMARC policy or a non-compliant SVG. Use this checker, together with the DMARC checker, as a pre-purchase gate: confirm DMARC is at quarantine or reject, confirm the BIMI record parses and the SVG is reachable and in the correct format, and decide which providers you are targeting. If you only need Apple Mail, Yahoo, or Fastmail, you may not need a certificate at all. If Gmail logo display matters, you then know exactly what the certificate has to satisfy before you spend anything.

What This Checks

  • TXT record at default._bimi.example.com
  • BIMI version and l= logo URL
  • Hosted SVG logo reachability
  • Optional a= VMC or CMC authority URL
  • DMARC enforcement readiness for logo display

Common Fix Path

  • Move DMARC to p=quarantine or p=reject before expecting BIMI display
  • Host a BIMI-compatible SVG over HTTPS
  • Add a VMC or CMC URL when targeting Gmail logo display
  • Check readiness before spending budget on a certificate

Frequently Asked Questions

Does BIMI require an enforced DMARC policy?
Yes. A mailbox provider only displays a BIMI logo when your domain enforces DMARC at p=quarantine or p=reject, typically with full coverage. BIMI will not display under p=none. Reaching DMARC enforcement is the prerequisite for any BIMI logo to appear, regardless of how perfect the BIMI record itself is.
Do I need a VMC or CMC certificate for BIMI?
It depends on the provider. Gmail uses a certificate-backed path and requires a Verified Mark Certificate (VMC) or Common Mark Certificate (CMC) at the a= URL to display your logo; a VMC additionally shows the blue verified checkmark. Yahoo, Apple Mail, and Fastmail can display BIMI logos without a mark certificate in many deployments. Check readiness here before buying one.
What image format does BIMI require?
BIMI requires the logo in SVG Tiny Portable/Secure (SVG Tiny P/S) format — square, with a solid background, no scripts, animations, or external references, and typically under 32KB. PNG, JPEG, and ordinary SVG files will not work. Host it on a stable HTTPS URL with a valid certificate so receivers can fetch it.
What does a BIMI DNS record look like?
It is a TXT record at default._bimi.<your-domain>. Without a certificate it is v=BIMI1; l=https://yourdomain.com/logo.svg. For Gmail, add the authority tag: v=BIMI1; l=https://yourdomain.com/logo.svg; a=https://yourdomain.com/vmc.pem. This checker parses both the l= and a= tags and validates what each points to.
Why does my BIMI logo not show even though the record is valid?
The most common cause is DMARC not being enforced — BIMI is gated on p=quarantine or p=reject. Other causes are an unreachable or non-SVG-Tiny-P/S logo, a missing VMC/CMC when targeting Gmail, or simply provider-side caching delays. This checker flags the DNS and asset problems; verify DMARC enforcement with the DMARC checker for the gating requirement.
What is the difference between a VMC and a CMC?
A Verified Mark Certificate (VMC) requires a registered trademark for your logo and, in Gmail, unlocks both logo display and the blue verified checkmark. A Common Mark Certificate (CMC) does not require a trademark and still enables Gmail logo display, but without the checkmark. Both satisfy Gmail's certificate requirement; the choice depends on whether you hold a trademark and want the checkmark.

Machine-Readable Evidence

AI assistants and automation can cite the stable explanation page, then fetch the live check result for a specific domain.

GET https://intodns.ai/api/email/bimi?domain=example.com

Related Tools and Citations

BIMI Record GeneratorBIMI GuideDMARC CheckerBIMI without VMC citationRun the full domain scan