Log in
CaptainDNS

Propagation & diagnostics

Compare resolvers worldwide and inspect returned answers.

Email authentication

Tools to verify and validate your email authentication setup.

SPF syntax validator

Review include chains and DNS query limits before publishing changes.

SPF record inspector

Resolve the published TXT record, flag lookup limits and decode each mechanism.

DKIM syntax validator

Quickly check the syntax of your DKIM records.

DKIM record check

Resolve a selector and analyse the published DKIM TXT record.

DMARC syntax validator

Check rua/ruf destinations, alignment modes and the active policy before publishing.

DMARC record inspector

Resolve the published policy, surface diagnostics and confirm enforcement before switching to reject.

BIMI syntax validator

Validate BIMI tags, the logo fetch and the VMC certificate before publishing.

BIMI record inspector

Resolve the published BIMI record, inspect logo and VMC diagnostics in one place.

Email deliverability audit

Audit MX, SPF, DKIM and DMARC to confirm a domain is ready to send.

Mail header analyzer

Decode participants, authentication results and routing from raw headers.

DMARC record generator

Create compliant DMARC records with all policy and reporting options.

Text

Transform, encode and measure your content in seconds.

Text case converter

Convert any block of text to upper or lower case instantly.

Base64 encoder / decoder

Encode or decode any content in Base64 without leaving the browser.

Slug generator

Transform any sentence into an SEO-friendly slug in seconds.

Word & character counter

Measure the length of any text, with instant word and character counts.

Images

Preview and validate your BIMI logos before publishing.

BIMI logo lookup

Inspect a BIMI logo URL—format, metadata and live rendering—before rollout.

Certificates

Inspect CSRs, BIMI logos and VMC certificates before you deploy.

CSR parser

Inspect a CSR, extract subject details, fingerprints and requested SANs.

VMC inspector

Inspect a Verified Mark Certificate—issuer, validity and SAN coverage—before you publish BIMI.

IP

Look up addresses, owners, reverse records and ranges.

Reverse lookup

Resolve a PTR record and validate DNS consistency.

IP WhoIs

Identify the owner of an IP range and its contacts.

IPv4 netmask

Calculate network, broadcast and usable hosts for any IPv4 block.

My IP address

Detect your IPv4/IPv6 addresses and their geolocation.

VMC certificate inspector

Why inspect a VMC?

  • Validate issuer, validity window and certified domains before enabling BIMI for a brand.
  • Detect missing SAN entries, outdated business data or a certificate that is about to expire.
  • Confirm that the URL shared by a partner really serves a trusted VMC chain.

What is a VMC certificate?

A Verified Mark Certificate is an X.509 certificate that attests the trademark rights of an organization. Mailbox providers rely on it together with BIMI records to display brand logos in inboxes. The certificate encodes:

  • the legal subject and jurisdiction information (BN, address, business category)
  • the list of domains, URLs and identities authorised to display the logo
  • the issuing certificate authority and the validity period

How to use this tool

  1. Paste the full PEM certificate between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----, or provide the HTTPS URL hosting the VMC.
  2. Click Parse VMC certificate.
  3. Review the subject, issuer, SAN entries and validity dates delivered by CaptainDNS.
  4. Regenerate or renew the certificate if a field looks incorrect.

Common issues

  • ERR_CERT_INPUT_MISSING – Provide either a PEM block or a HTTPS URL.
  • ERR_CERT_URL_INVALID – Only HTTPS targets are allowed and the server must respond successfully.
  • ERR_CERT_PEM_MISSING – The payload did not contain an actual certificate block.
  • ERR_CERT_INVALID – The certificate structure is corrupted or not a VMC.
  • ERR_CERT_FETCH_FAILED – CaptainDNS could not download the file (timeout, redirects, size limits).

Privacy & retention

Your certificate is sent to the CaptainDNS API solely to decode its metadata. The payload is processed in memory and never stored. Only generic telemetry such as response time or payload size is recorded to monitor service reliability.