Check whether a domain has a valid BIMI record, verify the logo URL, and see if a VMC certificate is present.
Try a known BIMI domain: linkedin.com Β· ebay.com Β· paypal.com Β· verizon.com
Common questions about BIMI and brand logo display in email.
BIMI (Brand Indicators for Message Identification) is an email specification that lets organisations display their logo in the email client's inbox beside messages that pass DMARC authentication. It works by publishing a DNS TXT record at default._bimi.{yourdomain} that points to your brand logo in SVG format. When a recipient's email client supports BIMI and your domain passes DMARC, your logo appears next to your emails β increasing brand recognition and trust.
A VMC (Verified Mark Certificate) is a digital certificate issued by an approved Certificate Authority (currently DigiCert or Entrust) that cryptographically verifies your brand's right to use a specific logo. It is required by Gmail and some other major providers before they will display your BIMI logo. Other providers, such as Yahoo Mail and Fastmail, support BIMI without a VMC. The a= field in your BIMI record should point to your VMC file (a PEM-encoded certificate). Without a VMC, your logo may still display in clients that do not require it, but you won't achieve full coverage.
BIMI support is growing. As of 2025, the following providers support BIMI logo display: Gmail (requires VMC), Yahoo Mail, Apple Mail (iOS 16+ / macOS Ventura+), Fastmail, La Poste, and Proofpoint-secured inboxes. Microsoft Outlook and Office 365 do not yet support BIMI. For BIMI to activate at any provider, your domain must have a DMARC policy of p=quarantine or p=reject β a p=none policy is not sufficient.
To display your logo via BIMI, follow these steps: 1) Ensure your domain has a valid DMARC record with a policy of quarantine or reject. 2) Convert your logo to a Tiny PS SVG (a strict SVG profile required for BIMI β standard SVGs are usually not accepted). 3) Host the SVG file at a publicly accessible HTTPS URL. 4) Publish a DNS TXT record at default._bimi.yourdomain.com with the value v=BIMI1; l=https://yoursite.com/logo.svg;. 5) Optionally, obtain a VMC certificate and add the a= field pointing to your certificate URL for providers that require it. Propagation typically takes up to 48 hours.
Data Collection: This BIMI Checker processes data to provide results. When you enter a domain name and submit it for checking, the domain name is used to perform a DNS TXT lookup at default._bimi.{domain}. No domain names or results are stored. We do not store, log, or share the domain names or data you submit beyond what is necessary to return your results.
Data Usage: Your input is used solely to generate results. No data is saved, analysed for profiling, or shared with third parties. Each new check operates independently.
DNS Lookups: To check your domain, we perform DNS queries via Google's DNS-over-HTTPS (dns.google). These queries are subject to Google's Privacy Policy. Only the domain name is transmitted β no personally identifiable information.
Bot Protection (Cloudflare Turnstile): When you submit a form or run a domain check, we use Cloudflare Turnstile to verify that the request is from a human and not an automated bot. Turnstile may collect limited technical data (e.g. browser attributes) as part of this check. No personally identifiable information is shared with Cloudflare beyond what is technically necessary. Cloudflare's privacy policy applies: cloudflare.com/privacypolicy.
Analytics (Google Analytics 4): We use Google Analytics 4 to understand how visitors use this site (pages visited, tools used). IP addresses are anonymised before being sent to Google. We do not share the domain names you check with Google Analytics. Google's privacy policy applies: policies.google.com/privacy. You can opt out via tools.google.com/dlpage/gaoptout.
Contact: For privacy enquiries or questions, please contact us at [email protected] or visit osh.co.za/contact.