BIMI (Brand Indicators for Message Identification) is an email standard that allows you to display your company's logo next to your messages in the inbox. It’s a powerful way to increase brand recognition and trust. Implementation happens in your DNS, where you publish a specific TXT record that tells mailbox providers where to find your logo.
This record is composed of several key-value pairs, or 'tags'. The most basic tags are v=BIMI1, which specifies the version, and l=, which points to the URL of your logo file. However, there's another crucial tag that often causes confusion: the a= tag.
The authority tag ('a=') explained
The a= tag in a BIMI record stands for 'authority'. Its purpose is to point to an Evidence Document that proves your organization has the authority to use the logo you’ve specified in the l= tag. The value for this tag is a URL that hosts this proof.
In practice, this Evidence Document is a Verified Mark Certificate, or VMC. So, a complete BIMI record with the authority tag would look something like this: v=BIMI1; l=https://media.example.com/logo.svg; a=https://media.example.com/vmc.pem;
What is a Verified Mark Certificate (VMC)?
A VMC is a digital certificate, much like an SSL certificate that secures a website with HTTPS. But instead of verifying ownership of a domain, a VMC verifies that your organization is the legal owner of a specific trademarked logo. This is a critical piece of the puzzle because it prevents bad actors from impersonating your brand by using your logo.
To get a VMC, you must first have a logo that is registered as a trademark with a recognized intellectual property office. You then apply for the VMC through a certified Certificate Authority (CA). The CA will vet your application, verify your trademark, and then issue the certificate file (a .pem file) that you host and link to in the a= tag.
Is the 'a=' tag required for BIMI?
This is where it gets interesting. According to the official BIMI standard, the a= tag is optional. It is possible to publish a 'self-asserted' BIMI record that only contains the v= and l= tags.
However, most major mailbox providers that support BIMI, including Gmail and Apple Mail, require a VMC for the logo to be displayed. Without the VMC, and therefore without the a= tag pointing to it, your logo simply will not show up in those inboxes. So, while technically optional by the standard, it is practically mandatory for a successful BIMI implementation. As the BIMI Group states, BIMI's goal is to enable brands to control which logo is displayed, and the VMC is the mechanism that providers use to trust that control.
- DMARC at enforcement: Your domain must have a DMARC policy of p=quarantine or p=reject.
- SVG Logo: Your logo must be in the specific SVG Tiny 1.2 format.
- VMC: You need a valid VMC proving trademark ownership of the logo.
In conclusion, the a= tag is the component of a BIMI record that links to your proof of logo ownership, the VMC. While you can publish a BIMI record without it, you will miss out on the primary benefit of BIMI: having your logo displayed in the world's most popular email clients.
