Summary
Implementing BIMI involves a multi-step process. Proper DNS setup is essential, with the BIMI record under `default._bimi`. The SVG logo must meet specific criteria. A VMC is often required (Gmail), though some providers (Yahoo) offer alternatives based on reputation. Strong authentication (SPF, DKIM, DMARC - enforced at p=quarantine or p=reject) is critical. Collaboration between marketing and IT, thorough testing, and ongoing monitoring are best practices. Success boosts brand recognition and trust.
Key findings
- VMC Necessity Varies: While Gmail requires a VMC for BIMI logo display, other providers, like Yahoo, may offer support without one based on sender reputation and adherence to guidelines.
- DNS Record Placement: The BIMI TXT record MUST be placed under the `default._bimi` selector of your domain to be correctly recognized by email providers.
- Strict DMARC Policy: A DMARC policy of `p=quarantine` or `p=reject` is a firm requirement for BIMI. `sp=none;` is not sufficient. This policy is crucial for protecting against spoofing and phishing.
- SVG Logo Specifications: The SVG logo must be a vector graphic, properly scaled, free of embedded links/scripts, served with the correct MIME type (`image/svg+xml`) and accessible via HTTPS.
- VMC Root Domain Inheritance: A VMC applied at the root domain level will be inherited by compliant subdomains, simplifying implementation for organizations with multiple sending domains.
Key considerations
- Cross-Team Collaboration: Successful BIMI implementation requires close cooperation between marketing and IT teams to ensure all technical and brand requirements are met.
- Ongoing Monitoring: Regularly monitor email deliverability metrics (open rates, click-through rates) and use BIMI validators to ensure your implementation remains effective and compliant.
- Testing: Implement thorough testing of BIMI by utilizing free online BIMI validators and sending test emails to different email providers like Gmail and Yahoo. These tools will assist you in identifying any setup problems before a full rollout.
- VMC Selection Factors: When choosing a VMC provider, consider factors beyond just the price tag, such as the ease of the application process, the level of support offered, and their reputation within the email community.
- Prioritize Authentication: Before embarking on BIMI, ensure SPF, DKIM, and DMARC are correctly implemented and actively managed. This is the foundation upon which BIMI is built.
What email marketers say
13 marketer opinions
Implementing BIMI involves setting up SPF, DKIM, and DMARC with a strict policy (p=quarantine or p=reject), creating a compliant SVG logo, obtaining a Verified Mark Certificate (VMC) for Gmail and other providers, and publishing the BIMI DNS record. A VMC at the root domain inherits to subdomains. VMC providers are functionally similar but differ in application and support. BIMI enhances brand recognition and trust, impacting open rates. Testing and monitoring are crucial. Serving the logo with the correct MIME type and HTTPS is important.
Key opinions
- VMC Inheritance: A VMC applied to the root domain will extend its verification to all compliant subdomains, simplifying the process for organizations with multiple sending domains.
- DMARC Requirement: A DMARC policy of p=quarantine or p=reject is mandatory for BIMI to function, ensuring only authenticated emails are delivered and preventing spoofing attacks.
- BIMI Implementation Steps: Key implementation steps include configuring SPF, DKIM, and DMARC; creating a compliant SVG logo; obtaining a VMC (required by Gmail); and publishing the BIMI DNS record.
- VMC Provider Similarity: While the functional outcome of VMC providers is the same, the application process, implementation assistance, and support can vary, influencing the overall user experience.
- Logo Display and Verification: VMCs provide logo display and verification at Google, Apple, Onet (Poland), and Zone (Estonia) domains
Key considerations
- VMC Provider Choice: Consider factors such as price, ease of application, and customer support when selecting a VMC provider, as the experience can vary despite the end result being the same.
- SVG Hosting Requirements: Ensure the SVG logo is served with the correct MIME type (image/svg+xml) and is accessible via HTTPS to comply with security requirements.
- BIMI Testing: Test your BIMI implementation with online validators and by sending test emails to various email providers to identify and resolve any configuration issues before a full rollout.
- BIMI Monitoring: Monitor email deliverability metrics, such as open rates and click-through rates, to assess the impact of BIMI on your email marketing campaigns and identify any areas for improvement.
- BIMI and Brand Recognition: BIMI is a great option to help brand recognition and trust with potential clients and helps ensure recipients that the email is legitimate and from a trusted source.
Marketer view
Email marketer from OnlyB2B.com answers that in a B2B context, BIMI can significantly enhance brand recognition and build trust with potential clients. Displaying a verified logo in the inbox helps to cut through the clutter and assures recipients that the email is legitimate and from a trusted source.
10 Aug 2021 - OnlyB2B.com
Marketer view
Email marketer from Reddit.com suggests that when choosing a VMC provider, consider factors such as price, ease of application, and support. While the end result (the VMC itself) is functionally the same, the experience of obtaining it can vary. They recommend comparing the application processes and customer support offerings of different providers.
20 Dec 2022 - Reddit.com
What the experts say
2 expert opinions
BIMI support is growing, with Gmail requiring a VMC while Yahoo offers it without for reputable senders. Successful BIMI implementation requires collaboration between marketing and IT to meet technical requirements, particularly ensuring proper SPF, DKIM, and DMARC configuration.
Key opinions
- BIMI Support Variation: Mailbox providers differ in their BIMI requirements. Gmail mandates a VMC, while Yahoo provides an alternative for senders with good reputations.
- Interdepartmental Collaboration: Successful BIMI implementation relies on marketing and IT teams working together.
Key considerations
- Reputation Matters: Building and maintaining a strong sending reputation can open doors to BIMI benefits without the need for a VMC on some platforms like Yahoo.
- Technical Expertise: Proper configuration of SPF, DKIM, and DMARC is crucial for BIMI implementation. Ensure your technical team is well-versed in these authentication methods.
Expert view
Expert from Word to the Wise responds by advising close collaboration between marketing and IT teams during BIMI implementation to ensure all technical requirements are met. Ensuring SPF, DKIM and DMARC are configured properly is very important and often where the BIMI implementation fails.
7 Aug 2023 - Word to the Wise
Expert view
Expert from Spam Resource explains that BIMI support is steadily increasing among mailbox providers. He highlights that while Gmail requires a VMC, other providers like Yahoo offer BIMI support without a VMC for senders with a strong reputation and adherence to their guidelines.
2 Nov 2024 - Spam Resource
What the documentation says
6 technical articles
BIMI implementation involves several technical requirements. The BIMI DNS record must be placed under `default._bimi` and include the SVG logo URL. The SVG logo must be a vector graphic, properly scaled, and accessible via HTTPS. Gmail requires a VMC from an approved provider. DMARC must be set to `p=quarantine` or `p=reject`. Yahoo offers BIMI without a VMC for senders with strong reputations.
Key findings
- BIMI DNS Record Location: The BIMI DNS TXT record must be placed under the `default._bimi` selector of your domain.
- SVG Logo Requirements: The SVG logo must be a vector graphic, properly scaled, free of embedded links/scripts, and accessible via HTTPS.
- Gmail's VMC Requirement: To display your logo in Gmail, a Verified Mark Certificate (VMC) is required from an approved certification authority.
- DMARC Policy Enforcement: A DMARC policy of `p=quarantine` or `p=reject` is necessary for BIMI to function, ensuring only authenticated emails are delivered.
- Yahoo's Alternative: Yahoo offers BIMI support without a VMC for senders with high reputations and adherence to their sending guidelines.
Key considerations
- DNS Record Accuracy: Ensure your BIMI DNS record is correctly formatted according to the BIMI Group specifications to avoid implementation issues.
- SVG Security: Carefully create and host your SVG logo to avoid security vulnerabilities. Ensure it doesn't contain any malicious code or scripts.
- VMC Selection: Choose a VMC provider that is approved by the BIMI ecosystem and meets your organizational needs in terms of support and certification process.
- Reputation Management: If targeting Yahoo users, prioritize building and maintaining a strong sending reputation to potentially qualify for BIMI without a VMC.
Technical article
Documentation from Entrust.com specifies the SVG logo used for BIMI must meet certain requirements. It must be a vector graphic, properly scaled, and free of any embedded links or scripts. Ensure the SVG is accessible via HTTPS.
28 Aug 2022 - Entrust.com
Technical article
Documentation from Yahoo explains that Yahoo supports BIMI without the requirement of a VMC if you meet their requirements for authentication and reputation. Senders must meet a high sending reputation by following all of Yahoo's guidelines to be able to test BIMI without paying for a VMC.
1 Nov 2021 - Yahoo
How do I set up BIMI with a CMC, and what are common issues?
How do I implement BIMI for email verification in Gmail and Yahoo?
Do I need a VMC for BIMI to work with Google and Gmail?
Does Microsoft Outlook support BIMI for displaying brand logos in email?
Can BIMI logos be animated and how do Google profile images interact with BIMI?
How do I implement BIMI and get my logo to show in Gmail and Yahoo Mail?
