What is SVG Tiny 1.2 P/S and why is it required for BIMI?

SVG Tiny 1.2 Portable/Secure (P/S) is a restricted subset of the SVG specification that removes potentially harmful elements like scripts or external references. It's required for BIMI to ensure security and consistent rendering of your logo across email clients, preventing exploitation.

Are there specific size or aspect ratio requirements for BIMI SVG logos?

Yes, your BIMI SVG logo must have a 1:1 aspect ratio (square) and be precisely centered within the canvas. The file size should ideally be under 32KB to ensure quick loading and optimal display in various inbox environments.

Does my BIMI SVG need a transparent or solid background?

For BIMI, a non-transparent (solid) background is often recommended. This helps ensure your logo is clearly visible against different email client themes, such as light or dark mode, and prevents it from blending into the inbox background.

What XML elements are forbidden in a BIMI compliant SVG?

Forbidden XML elements in BIMI SVGs include JavaScript, external stylesheet references, animation elements, and interactive components like links. The SVG Tiny P/S profile specifically restricts these for security reasons to prevent malicious code execution.

Is a Validated Mark Certificate (VMC) necessary for BIMI SVG display?

Yes, a Validated Mark Certificate (VMC) is essential. It digitally verifies your logo's ownership and links your domain to the SVG file. Without a VMC, your perfectly formatted BIMI SVG logo will not be displayed in recipient inboxes.

Can I use BIMI if my DMARC policy is set to p=none?

No, BIMI requires your DMARC policy to be set to an enforcement mode, either p=quarantine or p=reject . A p=none policy indicates that you are not enforcing DMARC, which disqualifies your domain from BIMI logo display.

What are the specific requirements for an SVG image to be BIMI compliant? - BIMI - Email authentication - Knowledge base

Brand Indicators for Message Identification (BIMI) allows your registered brand logo to appear next to your emails in a recipient's inbox. This visual verification builds trust and recognition for your brand. However, activating BIMI isn't as simple as uploading any logo file. There are very specific technical requirements for the Scalable Vector Graphics (SVG) image format that must be met for your logo to display correctly and securely.

These requirements ensure that the logo is displayed consistently across various email clients and devices, maintaining brand integrity. More importantly, they are crucial for security, preventing malicious actors from exploiting the logo display mechanism. Without strict adherence to these specifications, your BIMI implementation will likely fail, and your logo won't be shown.

The details can be quite technical, involving specific XML attributes and formatting. Understanding these nuances is key to a successful BIMI rollout. Let's delve into the specific requirements you need to consider when preparing your SVG file for BIMI compliance.

The crucial SVG P/S profile

The most fundamental requirement for a BIMI SVG is that it must adhere to the SVG Tiny 1.2 Portable/Secure (P/S) profile. This isn't just any SVG file. The P/S profile is a restricted subset of the SVG Tiny 1.2 specification, specifically designed to mitigate security risks. It disables potentially harmful elements like scripts, external references, and animations, ensuring that the logo itself cannot be used as an attack vector.

To achieve the correct profile, you often need to manually edit the SVG file in a text editor or use specialized tools. Many graphic design programs export SVGs with features that are not BIMI compliant, so a direct export will usually not work. It's important to verify that your SVG image format meets this exact specification.

The BIMI Group provides guidelines on creating BIMI SVG logo files that highlight the strictness of the P/S profile. This adherence guarantees that your brand's visual identity is displayed securely and consistently, preventing any unexpected rendering issues or security vulnerabilities that could undermine trust.

Example of a basic BIMI compliant SVG P/S structurexml

<svg width="100" height="100" viewBox="0 0 100 100" version="1.2" baseProfile="tiny-ps"
     xmlns="http://www.w3.org/2000/svg">
  <title>Your Brand Logo</title>
  <desc>Your brand's official logo for BIMI.</desc>
  <rect x="0" y="0" width="100" height="100" fill="#FFFFFF"/>
  <circle cx="50" cy="50" r="40" fill="#FF4500"/>
</svg>

Sizing, aspect ratio, and background

Beyond the file format, the visual presentation of your SVG is paramount. The image must maintain a 1:1 aspect ratio (a perfect square) to ensure it displays optimally in various inbox environments, whether they render logos as squares, rounded squares, or circles. While there aren't strict pixel dimensions, ensuring your logo is designed to fit a square canvas is essential for consistent rendering. Our guide on recommended SVG dimensions can offer further insight.

The file size of your SVG is also a critical factor. It should be kept as small as possible, typically under 32KB, to ensure fast loading and display within email clients. Large file sizes can lead to delays or even prevent the logo from appearing. Simplify your logo's vector paths and remove any unnecessary elements to optimize its size.

Finally, consider the background. While transparent backgrounds are common for logos, for BIMI, a non-transparent background is often recommended. This ensures your logo stands out clearly against varying inbox themes (light or dark mode) and prevents it from blending into the background, maintaining its visibility and impact. Ensure the background color is explicitly defined within the SVG.

BIMI SVG best practices for visual fidelity

Aspect ratio: Always design your logo to fit perfectly within a 1:1 (square) canvas.
Centering: Ensure your logo is precisely centered within the SVG canvas to render well in different shapes (circles, squares).
File size: Keep the SVG file under 32KB for optimal performance and display.
Background: Use a non-transparent background to ensure visibility across diverse email client themes.

XML structure and security considerations

The internal XML structure of your SVG file must be clean and minimal. It's crucial to remove any elements not explicitly allowed by the SVG Tiny P/S profile. This includes JavaScript, external stylesheet references, and animations. These elements are often embedded by default by graphic design software and must be stripped out manually to meet BIMI's strict security standards. Google provides detailed steps on creating a BIMI SVG file which often involves manual editing.

Your SVG should also include title and desc (description) elements. These provide important accessibility information and can help in understanding the logo's purpose, especially for users with visual impairments or when the image cannot be displayed. Including these tags is a simple yet effective way to enhance the user experience and compliance.

Furthermore, the SVG file needs to be hosted on a publicly accessible server via HTTPS. This ensures the logo is fetched securely. The URL pointing to your SVG file will be included in your BIMI DNS record. Without HTTPS, the image will not be considered secure and will fail BIMI validation, thus not displaying in recipient inboxes.

Allowed SVG elements

Basic shapes: rect, circle, ellipse, line, polyline, polygon
Path data: path
Text elements: text, tspan
Structural elements: g, defs, use
Metadata: title, desc, metadata

Forbidden SVG elements

Scripting: script, on-event attributes
External resources: image, object, foreignObject
Interactive elements: a (links), view, cursor
Animation: animate, set
Styling: style elements (inline styling is fine)

Validated Mark Certificate (VMC) and DMARC alignment

While the SVG file itself is the visual component, it's intrinsically linked to a Validated Mark Certificate (VMC). A VMC is a digital certificate that verifies your ownership of the logo and is issued by a trusted Certificate Authority. This certificate contains metadata that links your brand's domain to the specific SVG logo file. Without a valid VMC, even a perfectly formatted SVG will not display via BIMI.

For BIMI to work, your domain must also have a strong DMARC policy enforced at p=quarantine or p=reject. This policy ensures that emails purporting to be from your domain are properly authenticated and that unauthenticated emails are handled strictly. A relaxed DMARC policy (like p=none) will prevent your BIMI logo from being displayed, as it signals a lack of strong email authentication. Safely transition your DMARC policy for a successful BIMI implementation.

Managing your DMARC implementation and ensuring proper alignment with your BIMI record requires ongoing monitoring. This is where tools like

Suped become invaluable. Our platform offers AI-powered recommendations to help you fix any authentication issues and strengthen your DMARC policy, which is a prerequisite for BIMI. Continuous monitoring helps ensure your logo remains visible and your email ecosystem secure.

Final thoughts on BIMI SVG compliance

Achieving BIMI compliance for your SVG logo requires meticulous attention to detail. From selecting the correct SVG Tiny 1.2 P/S profile to adhering to strict sizing, aspect ratio, and background guidelines, each step is critical. Furthermore, the underlying XML structure must be clean and devoid of forbidden elements to ensure both security and proper rendering.

Remember that the SVG is just one piece of the puzzle. It must be paired with a Validated Mark Certificate (VMC) and your domain needs a robust DMARC policy set to enforcement (p=quarantine or p=reject). This holistic approach ensures maximum brand visibility and email security.

By carefully following these specific SVG requirements, you can successfully implement BIMI and leverage the power of visual branding in your email communications. This not only enhances your brand's presence but also reinforces trust with your recipients, distinguishing your messages in a crowded inbox.