BIMI Record
Verifies the domain publishes a BIMI record (Brand Indicators for Message Identification) so that conformant email clients (Gmail, Yahoo, Apple Mail) display your brand logo next to your messages. BIMI is increasingly relevant for high-volume senders. It provides a visible trust signal in the inbox and discourages domain spoofing.
Applies to: URIBL and URI hosts.
How It Works
This is a two-part check.
1. DNS
We do a TXT lookup at default._bimi.<domain> and verify the record:
- starts with
v=BIMI1 - contains an
l=tag pointing to a logo URL
2. HTTPS
We fetch the URL declared in l=, requiring:
- HTTPS (no plain HTTP)
- a 2xx response
Content-Type: image/svg+xml
Fails On
- Missing TXT record.
- Missing
l=tag in the TXT record. - Non-HTTPS logo URL.
- HTTPS fetch fails or returns a non-2xx response.
- Wrong
Content-Typeon the logo response.
What This Check Does Not Do
This check does not cryptographically validate the optional Verified Mark Certificate (VMC) referenced by the a= tag. The VMC is optional in BIMI 1.0 and full validation requires maintaining a BIMI CA bundle that's outside the scope of this check.