It's a common point of confusion, but the 'p=' tag is not actually part of a BIMI (Brand Indicators for Message Identification) record. Instead, it’s a required component of your DMARC (Domain-based Message Authentication, Reporting, and Conformance) record. However, your DMARC policy, which is set by this 'p=' tag, is absolutely critical for BIMI to work correctly.
Before your logo can be displayed in the inbox through BIMI, mailbox providers like Gmail and Yahoo need to be confident that the email is truly from you. This is where DMARC comes in. DMARC tells receiving servers what to do with emails that fail authentication checks (SPF and DKIM). The policy, or 'p=' tag, is the instruction you give them.
Your DMARC record is a simple text file in your DNS, and the policy tag is the most important part of it. It dictates the level of enforcement you want mailbox providers to apply to unauthenticated mail claiming to be from your domain. There are three settings you can use:
For BIMI to be successful, you must demonstrate that you are actively protecting your domain from spoofing and phishing. A DMARC policy of p=none signals that you are only monitoring, not enforcing. Mailbox providers require a clear enforcement policy before they will display your logo.
Therefore, a core requirement for BIMI is that your domain must have a DMARC policy of either p=quarantine or p=reject. Without one of these enforcement policies in place, mailbox providers will not fetch or display your BIMI logo, even if all your other records (like your VMC) are perfectly configured. In short, the p= tag is the key that unlocks BIMI by proving your commitment to email authentication.