Log in
CaptainDNS

Propagation & diagnostics

Compare resolvers worldwide and inspect returned answers.

Email authentication

Tools to verify and validate your email authentication setup.

SPF syntax validator

Review include chains and DNS query limits before publishing changes.

SPF record inspector

Resolve the published TXT record, flag lookup limits and decode each mechanism.

DKIM syntax validator

Quickly check the syntax of your DKIM records.

DKIM record check

Resolve a selector and analyse the published DKIM TXT record.

DMARC syntax validator

Check rua/ruf destinations, alignment modes and the active policy before publishing.

DMARC record inspector

Resolve the published policy, surface diagnostics and confirm enforcement before switching to reject.

BIMI syntax validator

Validate BIMI tags, the logo fetch and the VMC certificate before publishing.

BIMI record inspector

Resolve the published BIMI record, inspect logo and VMC diagnostics in one place.

Email deliverability audit

Audit MX, SPF, DKIM and DMARC to confirm a domain is ready to send.

Mail header analyzer

Decode participants, authentication results and routing from raw headers.

DMARC record generator

Create compliant DMARC records with all policy and reporting options.

Text

Transform, encode and measure your content in seconds.

Text case converter

Convert any block of text to upper or lower case instantly.

Base64 encoder / decoder

Encode or decode any content in Base64 without leaving the browser.

Slug generator

Transform any sentence into an SEO-friendly slug in seconds.

Word & character counter

Measure the length of any text, with instant word and character counts.

Images

Preview and validate your BIMI logos before publishing.

BIMI logo lookup

Inspect a BIMI logo URL—format, metadata and live rendering—before rollout.

Certificates

Inspect CSRs, BIMI logos and VMC certificates before you deploy.

CSR parser

Inspect a CSR, extract subject details, fingerprints and requested SANs.

VMC inspector

Inspect a Verified Mark Certificate—issuer, validity and SAN coverage—before you publish BIMI.

IP

Look up addresses, owners, reverse records and ranges.

Reverse lookup

Resolve a PTR record and validate DNS consistency.

IP WhoIs

Identify the owner of an IP range and its contacts.

IPv4 netmask

Calculate network, broadcast and usable hosts for any IPv4 block.

My IP address

Detect your IPv4/IPv6 addresses and their geolocation.

BIMI record inspector

How to use the BIMI inspector

Query default._bimi.<domain> to see exactly what mail providers retrieve. The inspector validates the TXT, follows logo and VMC links and reports every warning before publication.

Prepare the query

Enter the organisational domain as it appears in the sender address. The tool automatically prefixes default._bimi, follows any CNAME then collects TXT responses.

Read the badges

Each record receives a colour-coded badge showing status, download warnings and VMC points of attention. Errors mean the logo will be ignored; warnings indicate risky but technically valid configuration.

Inspect remote resources

Logo metadata, HTTP redirects and VMC certificate details are displayed to confirm Tiny-PS compliance, certificate validity and subject alignment without leaving the report.

Why use this BIMI inspector?

Check before publication that your BIMI record will be usable by mail services. The tool reads the TXT at default._bimi.domain, follows any CNAME, retrieves the SVG logo, inspects the VMC certificate if specified and reports clear alerts. You save time and avoid back-and-forth during production deployment.

BIMI in brief

BIMI displays a brand logo in certain webmails when the domain properly applies DMARC and the logo and its proof of identity meet the expected format. The BIMI TXT contains at minimum v=BIMI1 and a logo URL l=.... The a=... field references a VMC when used. Most providers displaying BIMI require an enforced DMARC policy and, often, a valid VMC.

Instructions

  1. Enter the organisational domain as it appears in the sender address.
  2. Launch the analysis. The tool queries default._bimi.domain, follows the CNAME chain and reads the TXT response.
  3. The l= and a= links are resolved. The logo is retrieved and the VMC is downloaded and inspected.
  4. Read the summary and badges. Errors block logo display. Warnings indicate risk or partial non-compliance.

What the inspector checks

BIMI TXT

  • Presence and order of tags v, l, a. Unknown tags reported.
  • Absolute URL for l= and a=, HTTPS recommended.
  • Size, TTL and consistency of response after CNAME.
  • Reading metadata and Content-Type.
  • Security checks for the SVG Tiny P/S profile expected for BIMI no scripts, no foreignObject, no embedded fonts, no external links.
  • Presence of viewBox, consistent dimensions, reasonable weight.
  • HTTP redirects and error codes.

VMC certificate

  • Readable PEM format, validity dates, issuing authority, certificate chain.
  • Extraction of useful fields organisation, brand, jurisdiction when present.
  • High-level alignment with tested domain indicative. In case of discrepancy, the tool flags a point of attention.

DMARC prerequisites

  • Presence of a DMARC record on the domain.
  • Enforced policy recommended p=quarantine or p=reject.
  • Visible From → DMARC alignment indicated to aid diagnostics.

Common errors

  • DMARC at p=none mail services will not display the logo.
  • Non-compliant logo PNG instead of SVG, script present, embedded font, incorrect MIME-type, non-HTTPS URL, redirect to unsupported format.
  • Broken CNAME or chain too long.
  • Expired or unreadable VMC.
  • Overly complex logo high weight, no viewBox, random rendering in mail client.

Best practices

  • Publish BIMI on default._bimi.domain with reasonable TTL.
  • Serve the logo via HTTPS on a stable URL. Keep SVG simple, square background, clean edges.
  • Enable DMARC and progressively move to enforced policy by reading reports.
  • Use VMC issued by recognised CA when target webmail requires it.
  • Document each change target domain, logo URL, VMC issuer, date and reason.

Quick troubleshooting

  • No logo displayed though everything seems correct check DMARC policy and external HTTP access to logo.
  • Logo replaced by generic square look for script or forbidden element in SVG.
  • VMC rejected review dates and chain. Also verify brand name consistency.