🛡️ BIMI Toolkit & Checker

Comprehensive Brand Indicators for Message Identification tools

Check BIMI Configuration

Validate your BIMI DNS records, DMARC policy, SVG logo, and certificate configuration. Enter your domain name below to check your BIMI setup.

Convert Image to BIMI SVG

Convert PNG, JPG, or GIF images to BIMI-compliant SVG format. Our converter ensures your logo meets BIMI requirements with version 1.2 and baseProfile tiny-ps format.

Email Deliverability Check

Comprehensive email security checker that validates SPF, DKIM, DMARC, MX records, and Domain Keys. Check all your email authentication records in one place.

Hosted Email Security Services

We offer comprehensive hosted email security services powered by PowerDMARC. Manage all your email authentication and security needs from a single platform without accessing your DNS directly.

🛡️

Hosted DMARC

Monitor DMARC policies from a single platform without having to access your domain naming system. Get full visibility and analysis of emails sent on behalf of your organization.

  • DMARC Aggregate and Forensic Reporting
  • Email Header & Domain Reputation Analysis
  • Live Threat Map
  • AI-Driven Threat Intelligence
  • Auto DNS Publishing
  • Multi-lingual Control Panel
📧

Hosted SPF

One-click hosted SPF optimization with record flattening or SPF Macros approach to always stay under the lookup limit and enjoy error-free SPF.

  • Automatic SPF record optimization
  • Record flattening to avoid lookup limits
  • SPF Macro support
  • Real-time monitoring
  • Easy DNS management
🔑

Hosted DKIM

Simplify DKIM selector and key management for multiple domains with this one-stop service that enables you to optimize your DKIM authentication seamlessly.

  • Multi-domain DKIM management
  • Selector and key optimization
  • Automated key rotation
  • DKIM Analytics Reporting
  • Centralized control panel
🔒

Hosted MTA-STS & TLS-RPT

Enjoy hosted MTA-STS to enforce TLS encryption for your emails, and monitor email deliverability issues with simplified human-readable TLS reports.

  • Enforced TLS encryption
  • TLS-RPT reporting
  • Human-readable reports
  • Deliverability monitoring
  • Automated configuration
🖼️

Hosted BIMI

Attach your unique brand logo to all emails you send out from your domain, and make yourself stand out in your customers' inboxes.

  • BIMI logo hosting
  • VMC certificate management
  • Automatic DNS record publishing
  • Logo validation
  • Multi-domain support
🚨

Email Alerts

Stay ahead of threats with real-time alerts from PowerDMARC. Get notified instantly via email and portal when critical domain events occur.

  • Real-time email alerts
  • DNS change notifications
  • Policy violation alerts
  • Suspicious activity detection
  • Customizable alert rules

Email Service Provider Compliance

Meet the security requirements of prolific email service providers like Google and Yahoo with an intuitive DMARC analysis tool that is effortless to navigate.

  • Google & Yahoo compliance
  • Fast and easy implementation
  • Intuitive DMARC analysis
  • Automated reporting
  • Compliance monitoring
📊

Reputation Monitoring

Monitor and track your domain's email reputation and security score over time with comprehensive analytics and threat intelligence.

  • Domain reputation tracking
  • Security score history
  • DNS timeline monitoring
  • Threat intelligence feeds
  • Predictive analytics

🚀 Platform Features

📈 DMARC Reporting

Comprehensive aggregate and forensic DMARC reports with easy-to-read analytics

🌍 Live Threat Map

Real-time monitoring of email spoofing attacks worldwide

🤖 AI Threat Intelligence

AI-driven technology to pinpoint abusive IPs and detect attack patterns

🔧 API & Developer Tools

Full API access and developer tools for integration and automation

🌐 Multi-lingual Support

Control panel available in 11 languages including Japanese, French, German, Italian, Dutch, and more

🔗 Integrations

Seamless integration with your existing infrastructure and tools

💼 Managed Services

We also offer comprehensive managed services to help you implement and maintain your email security:

  • Deployment Services - Expert assistance with initial setup and configuration
  • Support Services - Ongoing support and troubleshooting
  • Managed Services - Full management of your email security infrastructure
  • VMC Provider Services - Trusted Verified Mark Certificate provider for your BIMI implementation
  • Threat Intelligence Service Feeds - Advanced threat intelligence and monitoring

Ready to Get Started?

Contact us to learn more about our hosted email security services

BIMI Information & Best Practices

What is BIMI?

Brand Indicators for Message Identification (BIMI) is an email authentication standard that allows organizations to display their brand logo in email clients. It builds on DMARC authentication and requires either a Verified Mark Certificate (VMC) for trademarked logos or a Common Mark Certificate (CMC) for non-trademarked logos. Both certificate types must be issued by a trusted Certificate Authority.

BIMI Requirements

  • DMARC Policy: Must have a valid DMARC record with a policy of "quarantine" or "reject"
  • SVG Logo: Must be a valid SVG image (version 1.2, baseProfile="tiny-ps") served over HTTPS
  • DNS Record: BIMI selector record in DNS (default._bimi.example.com) with logo and certificate URLs
  • Certificate: VMC (Verified Mark Certificate) or CMC (Common Mark Certificate) issued by a trusted CA

Certificate Options

BIMI supports two main types of certificates for logo verification. The certificate type you choose depends on whether your logo is a registered trademark.

1. Verified Mark Certificate (VMC)

For legally trademarked logos - This is the highest level of verification and provides the best email client support.

  • Highest trust level - Requires trademark verification by a Certificate Authority
  • Best email client support - Widely supported by major email providers
  • Checkmark indicator - Often displays a verification checkmark in supported inboxes
  • Maximum brand protection - Proves legal ownership of the trademark
  • 📋 Issued by CAs - Available from trusted Certificate Authorities like DigiCert, Entrust, DigiCert, and others
  • ⏱️ Verification process - Requires trademark documentation and CA verification

Best for: Organizations with registered trademarks who want maximum trust and the widest email client compatibility.

2. Common Mark Certificate (CMC)

For non-trademarked logos - A newer option that allows organizations without registered trademarks to use BIMI.

  • 📝 No trademark required - Designed for logos that are not registered trademarks
  • Easier to obtain - Less stringent verification process than VMC
  • 🆕 Newer standard - Introduced to expand BIMI adoption
  • ⚠️ Limited support - May have less widespread email client support compared to VMC
  • 📊 Growing adoption - Support is expanding as the standard matures
  • 🔐 Still requires CA - Must be issued by a Certificate Authority (not self-signed)

Best for: Organizations without registered trademarks who want to use BIMI, understanding that support may be more limited initially.

📌 Important Notes

  • Both VMC and CMC require a Certificate Authority - Self-signed certificates are not supported for BIMI
  • Gmail requires VMC - Gmail only displays BIMI logos with Verified Mark Certificates
  • Check your email client support - Verify which certificate types your target email clients support
  • Certificate URL in DNS - The certificate must be accessible via HTTPS and referenced in your BIMI DNS record (a= parameter)

Improving Email Deliverability

🔐 SPF (Sender Policy Framework)

Defines which mail servers are authorized to send email for your domain. Prevents sender address forgery.

🔑 DKIM (DomainKeys Identified Mail)

Cryptographically signs emails to verify they haven't been tampered with and come from your domain.

🛡️ DMARC (Domain-based Message Authentication)

Policy framework that uses SPF and DKIM to determine email authentication. Required for BIMI.

📧 MX Records

Mail Exchange records that specify which mail servers receive email for your domain.

BIMI DNS Record Format

default._bimi.example.com. TXT "v=BIMI1; l=https://example.com/logo.svg; a=https://example.com/cert.pem;"
  • v=BIMI1: BIMI version (currently version 1)
  • l=: URL to the SVG logo (required) - Must be HTTPS and publicly accessible
  • a=: URL to the VMC or CMC certificate (required) - Must be HTTPS and publicly accessible
Note: Both the logo (l=) and certificate (a=) parameters are required. The certificate must be a valid VMC or CMC issued by a trusted Certificate Authority. Self-signed certificates are not supported.