BIMI Lookup & Generator
Check BIMI (Brand Indicators for Message Identification) records for any domain, preview the brand logo, and build your own v=BIMI1 TXT record.
default. Custom selectors allow multiple BIMI records per domain.viewBox must be defined. No JavaScript, external references, or animations.
TXT record on your DNS. The host/name must be default._bimi (for your domain).
How to Publish
- Log in to your DNS provider (Cloudflare, Route 53, cPanel, etc.)
- Create a new TXT record
- Set the Name/Host to
default._bimi(add your domain if required by your provider) - Paste the generated record as the Value/Content
- Set TTL to 3600 (1 hour) or your provider's default
- Propagation typically takes 5β30 minutes
Frequently Asked Questions
default._bimi.yourdomain.com and links to an SVG logo file. BIMI requires a strong DMARC policy (p=quarantine or p=reject) to be in place before it will activate.a= tag of your BIMI record. Gmail and Apple Mail require a VMC to show the verified checkmark. Without a VMC your BIMI record may still work in some clients (like Yahoo Mail) but the logo display is not guaranteed across all providers. VMCs typically cost $1,000β$1,500/year.viewBox attribute defined, no JavaScript or event handlers, no external references or linked images, no animations. Use the BIMI Group's SVG conversion tools to convert your logo.a= tag. (2) DMARC policy is p=none β BIMI requires p=quarantine or p=reject. (3) SVG format issues β the logo isn't valid SVG Tiny P/S. (4) Logo not hosted on HTTPS β HTTP URLs are rejected. (5) DNS propagation β the record is new and hasn't propagated. (6) Non-square logo β the aspect ratio must be 1:1.How BIMI Works
Authenticate Email
Your domain must have SPF, DKIM, and DMARC (p=quarantine or p=reject) all passing correctly.
Prepare SVG Logo
Convert your logo to SVG Tiny P/S format. Host it at a public, stable HTTPS URL β it should never change or move.
Publish BIMI Record
Add a TXT record at default._bimi.yourdomain.com pointing to your logo (and optionally your VMC).
Logo Appears in Inbox
Supporting email clients fetch your logo and display it in the sender avatar area β building trust and brand recognition.
BIMI Tag Reference
| Tag | Name | Required | Description |
|---|---|---|---|
v |
Version | Yes | Always BIMI1. Must be the first tag. |
l |
Logo URL | Yes | HTTPS URL to the SVG Tiny P/S logo file. Must be publicly accessible and stable. Set to empty string (l=) to opt out of BIMI without removing the record. |
a |
Authority (VMC) | Optional | HTTPS URL to the PEM-encoded Verified Mark Certificate (VMC). Required by Gmail and Apple Mail to show the verified checkmark. Issued by DigiCert or Entrust. |
Why Implement BIMI?
Instant Brand Recognition
Your logo appears as the sender avatar before the email is even opened β making your brand immediately recognizable in a crowded inbox and boosting open rates.
Verified Checkmark Badge
With a VMC, Gmail and Apple Mail display a blue verified checkmark alongside your logo β signalling to recipients that this email is genuinely from your brand, not a spoof.
Forces Strong Authentication
To implement BIMI you must have SPF, DKIM, and a DMARC policy of p=quarantine or p=reject β so pursuing BIMI naturally results in a fully hardened email security posture.
Higher Deliverability
The strong authentication chain required for BIMI significantly improves sender reputation with major mailbox providers, reducing the chance of landing in spam folders.
Phishing Protection for Recipients
Legitimate emails carry your visual logo; phishing attempts don't. Recipients learn to expect and trust your logo, making spoofed emails without it immediately suspicious.
No Cost for Basic BIMI
A basic BIMI record with just l= costs nothing beyond hosting an SVG file β and already works in Yahoo Mail. Only the VMC (for the verified checkmark in Gmail) requires a paid certificate.
SVG Logo Requirements for BIMI
BIMI enforces strict SVG requirements to ensure consistent, safe rendering across all email clients. Your logo must comply with SVG Tiny P/S (Portable/Secure) β a security-hardened subset of SVG.
- File format: SVG Tiny P/S (IETF RFC profile)
- Hosted on HTTPS at a stable, permanent URL
- Square aspect ratio (1:1) with
viewBoxdefined - Full-bleed design β logo should fill the entire canvas
- Background fills the entire
viewBox(no transparent backgrounds) Content-Type: image/svg+xmlserved by the web server
- JavaScript or event handlers (
onclick,onload, etc.) - External references,
<image>tags, or linked resources - Animations (
<animate>, CSS animations, SMIL) - Embedded fonts or
@font-facedeclarations - Non-square aspect ratio or missing
viewBox - HTTP URLs (insecure hosting)
Verified Mark Certificate (VMC) Providers
VMCs are required by Gmail and Apple Mail to display the verified sender checkmark. They are currently issued by two accredited Certificate Authorities:
DigiCert
One of the two accredited VMC issuers. DigiCert is a well-established CA offering VMC certificates for BIMI, including logo validation and trademark verification.
Entrust
The other accredited VMC CA. Entrust provides VMC issuance as part of its identity and certificate portfolio, with logo validation and an audit process.
The Email Authentication Stack
BIMI is the final, visible layer of the email authentication stack. It only activates once SPF, DKIM, and DMARC are all correctly in place.
| Protocol | What it authenticates | DNS Record | Our Tool |
|---|---|---|---|
| SPF | The sending server's IP address is authorized to send for the domain | TXT at root domain |
SPF Lookup & Generator |
| DKIM | The message was cryptographically signed by an authorized sender and not altered | TXT at {selector}._domainkey.{domain} |
DKIM Checker |
| DMARC | SPF/DKIM alignment with the visible From: header β sets enforcement policy and reporting |
TXT at _dmarc.{domain} |
DMARC Lookup & Generator |
| BIMI | Displays the domain's brand logo in supporting email clients once SPF, DKIM, and DMARC all pass | TXT at default._bimi.{domain} |
This tool |
| MX | Where inbound email for the domain should be delivered | MX at root domain |
MX Lookup |
