Skip to main content
CaptainDNS
NEW·Email security and deliverability monitoring. Get alerted the moment a score change or DNS record puts your domain at risk.Learn more

BIMI Validator

Validate a BIMI record syntax before DNS publication

Paste your BIMI record for an instant syntax validation. The tool parses the v, l and a tags, checks the HTTPS URLs and the conformance to RFC 9043, computes a 0 to 100 score and lists the fixes to apply before DNS publication. No network call, no logo download, no VMC fetch.

Free BIMI Hosting

Host your SVG logo and VMC certificate for free. We generate the BIMI DNS record for you.

Try BIMI Hosting

What this tool does

The BIMI Validator analyses only the syntax of a BIMI record:

  • Parses the tags v, l, a and flags unknown or duplicate tags.
  • Verifies the HTTPS URLs: protocol required, recognized format, no whitespace or forbidden character.
  • Detects structural errors: missing mandatory tag, incorrect separator, empty value, non-compliant order.
  • Computes a 0 to 100 score on the three parseable dimensions (record, syntax, hygiene).

No network call is made. No DNS lookup, no SVG logo download, no VMC PEM parsing. Validation is local and instant.

How BIMI works

BIMI (Brand Indicators for Message Identification, RFC 9043) lets a domain display its official logo in the inbox of compatible recipients. The mechanism relies on three coordinated elements:

  1. A DNS TXT record published at default._bimi.<domain>, syntax v=BIMI1; l=<logo_url>; a=<vmc_url>.
  2. An SVG logo compliant with the Tiny-PS profile (RFC 9043), hosted over HTTPS.
  3. A VMC or CMC certificate (Verified Mark Certificate or Common Mark Certificate) hosted over HTTPS, parsed by the webmail to verify mark ownership.

The DNS record must be paired with a strict DMARC policy (p=quarantine or p=reject with pct=100). Without it, BIMI is inoperative. This check is not covered by the Validator (no DNS query) but by the BIMI Checker once the record is published.

When to use this tool

  • Before DNS publication to confirm that a record generated manually or by a third-party tool is syntactically correct.
  • After editing the record to make sure no typo was introduced (truncated URL, missing semicolon, mistyped tag).
  • To validate a URL for the logo or VMC before actually hosting the files.
  • For audits when analysing a record copied from a third-party domain's DNS without relying on DNS resolution.
  • For debugging when the BIMI Checker reports a syntax error that is hard to isolate.

The three parseable dimensions

DimensionWeightWhat is measured
Record20 ptsNon-empty record, v= tag in first position
Syntax15 ptsRecognized tags, valid HTTPS URLs, no duplicate, correct separators
Hygiene10 ptsReasonable URLs, optional sha256, no useless tag

The three other dimensions (strict DMARC, SVG logo, VMC) are marked not_verified because they require DNS resolution or HTTPS download, both out of scope for the Validator. A perfect record on the parseable dimensions scores 100.

Common syntax pitfalls

Wrong version

The v= tag must be strictly v=BIMI1. Variants v=BIMI, v=BIMI2 or v=bimi1 are rejected by receivers. The version must also appear in the first position of the record.

Non-HTTPS URL

The BIMI profile requires HTTPS URLs for the logo and VMC. An http:// URL is rejected. No localhost, no literal IP, no path containing unencoded whitespace.

Duplicate tag

A single tag cannot appear twice in the record. v=BIMI1; l=https://a.captaindns.com; l=https://b.captaindns.com is invalid. Keep one value per tag.

Wrong separator

Tags are separated by a single semicolon followed by an optional space. No comma, no newline, no double semicolon. Expected format: v=BIMI1; l=https://captaindns.com/bimi/logo.svg.

Unknown tag

The spec defines v, l, a. An unknown tag (e.g., x=value) must be ignored by receivers but is flagged as a warning by the Validator. Remove it to stay aligned with RFC 9043.

Missing a= tag

The record stays syntactically valid, but Gmail and Yahoo will not display the logo without a VMC. A recommendation suggests adding a=<url> before publication, unless targeting only Apple Mail is intentional.

Tool limitations

  • No logo fetch: SVG Tiny-PS compliance is not verified here. The tool only confirms the l= URL is HTTPS and well-formed. The SVG content is inspected by the BIMI Checker after publication.
  • No VMC fetch: the issuing authority, expiry and trustmark are not tested. Only the a= URL syntax is validated.
  • No DMARC check: the p=quarantine or p=reject prerequisite cannot be tested without a DNS lookup. The Checker handles this.
  • No DNS propagation check: actual record availability in DNS is not tested.

For the full chain (DNS, logo, VMC, DMARC), publish and then run the BIMI Checker.

ToolPurpose
BIMI Record CheckVerify the published BIMI record, logo, VMC and DMARC
BIMI GeneratorBuild a compliant BIMI record from scratch
BIMI SVG ConverterConvert an SVG into the BIMI Tiny-PS profile
BIMI HostingHost the SVG logo and VMC for free
DMARC Record CheckCheck the DMARC policy, the indispensable BIMI prerequisite

Frequently asked questions

Q: What is the difference between BIMI Validator and BIMI Checker?

A: The Validator analyses the syntax of a record you paste before publication, with no network call. The Checker queries DNS, downloads the logo, parses the VMC and verifies DMARC on an already-published domain. Use the Validator before publication and the Checker after.

Q: Which BIMI tags are mandatory?

A: Two tags are mandatory per RFC 9043: v=BIMI1 (version, first position) and l= (HTTPS URL of the SVG logo). The a= tag (HTTPS URL of the VMC) is optional per the spec but required by Gmail and Yahoo, which need a valid VMC to display the logo.

Q: Why is my record flagged as invalid?

A: Common causes: v= absent or different from BIMI1, non-HTTPS URL, unknown tag, duplicate tag, whitespace inside a URL, wrong separators (only ; between tags). Each error is listed in the result with a correction example.

Q: Does the validator download the logo or VMC?

A: No. The BIMI Validator only performs a local syntax analysis. No network call, no SVG download, no VMC PEM fetch. For those checks, publish the record then use the BIMI Checker.

Q: What does the Validator 0 to 100 score mean?

A: The score measures the record's syntactic quality. The three parseable dimensions (record, syntax, hygiene) are scored. The three dimensions that cannot be verified offline (DMARC, logo, VMC) are marked not_verified and do not influence the score. A syntactically perfect record scores 100.

Q: What happens if the a= tag is missing?

A: The record stays syntactically valid. The Validator still flags a warning because Gmail and Yahoo will not display the logo without a VMC. Apple Mail accepts the absence of a VMC. A recommendation suggests adding the a= tag before publication to target inbox-ready.

Q: Why validate before publishing to DNS?

A: Webmails silently ignore an invalid BIMI record. No alert is sent to the sender. Validating upfront avoids a wasted DNS publication, a lost TTL cycle and a window of lost brand visibility.

Q: Should I include default._bimi as a prefix before analysing?

A: No. Paste only the TXT content (v=BIMI1; l=...; a=...) without the DNS name. The tool only parses the record text. The default._bimi.<domain> name is used when publishing to DNS and when running the Checker.

Useful resources