What is the primary function of a BIMI selector?

The primary function of a BIMI selector is to allow a single domain to publish multiple BIMI records, each potentially pointing to a different brand logo or Verified Mark Certificate (VMC). This provides flexibility for organizations with various brands, departments, or campaign-specific logos.

Do I always need to use a BIMI selector?

If you only need one brand logo for your entire domain, you can use the default selector, which is implicitly looked for by mailbox providers when no specific selector is indicated in the email header. However, for more advanced configurations, custom selectors are necessary.

How does an email client know which BIMI selector to use?

An email client typically looks for a "BIMI-Selector" header in the email. If this header is present, it will use the specified selector name to query your DNS for the corresponding BIMI TXT record. If the header is absent, it defaults to looking for a record with the "default" selector.

Can I use different logos for different subdomains using BIMI selectors?

Yes, using BIMI selectors is precisely how you can achieve this. You can define separate BIMI TXT records with unique selectors for each subdomain (e.g., "marketing._bimi.yourdomain.com" and "support._bimi.yourdomain.com"), allowing each to display a distinct logo.

What is the relationship between a BIMI selector and DMARC?

BIMI relies heavily on DMARC. For your BIMI logo to be displayed, your domain must have a DMARC policy set to enforcement (p=quarantine or p=reject). The selector helps identify the correct BIMI record, but DMARC provides the foundational security layer for the logo to be trusted and rendered.

What is the selector for a BIMI record? - BIMI - Email authentication - Knowledge base

When you are implementing Brand Indicators for Message Identification (BIMI), understanding the role of the selector is crucial. A BIMI selector acts as a unique identifier within your DNS records, enabling mailbox providers to locate the specific BIMI record associated with your outgoing emails. This mechanism allows for flexibility and granular control over how your brand logo is displayed.

Essentially, the selector differentiates between multiple BIMI records you might have for a single domain. Without it, you would be limited to a single brand logo for all emails sent from your domain, regardless of subdomains or specific campaigns. This capability is especially beneficial for organizations that manage various brands or departments under one primary domain, ensuring each can display its unique visual identity.

The most common selector name you will encounter is "default". This is typically used when you intend to apply a single BIMI logo across your entire domain, or when no specific selector is indicated in the email header. However, for more complex setups, creating custom selectors becomes necessary to manage different logos effectively.

The purpose of a BIMI selector

A BIMI selector is a critical component of the BIMI DNS record. It serves as a label that, when combined with your domain, creates a unique host name for the BIMI TXT record. This allows email clients to find and retrieve the correct SVG logo and, if applicable, the Verified Mark Certificate (VMC) associated with your sending domain.

The primary purpose of using a selector is to enable multiple BIMI records under a single domain. For example, you might want different logos for different subdomains (e.g., marketing.example.com vs. support.example.com) or even for different email streams from the same subdomain. This flexibility is highlighted in guides explaining how and why to implement BIMI selectors.

Similar to how DKIM selectors function, BIMI selectors create a unique lookup path. The email header includes a BIMI-Selector header that tells the receiving mail server which specific BIMI record to query in your DNS. If no selector is specified in the header, mail servers typically look for the "default" selector record.

Example BIMI DNS TXT Record with a SelectorDNS

default._bimi.example.com. IN TXT "v=BIMI1;l=https://cdn.example.com/logo.svg;a=https://cdn.example.com/vmc.pem;"

Implementing BIMI selectors in DNS

To implement BIMI, you need to publish a TXT record in your domain's DNS. This record specifies various BIMI tags, including the version, the URL to your SVG logo, and optionally, the URL to your VMC. For a complete understanding of what DNS record type is used for BIMI, remember it's a TXT record that you are publishing at a specific subdomain.

The selector is placed before the _bimi subdomain, forming the full hostname for the BIMI record. The specific format for the BIMI TXT record name typically looks like selector._bimi.yourdomain.com. If you're using the default selector, it would be default._bimi.yourdomain.com.

Inside the TXT record, you'll define various tags. The v= tag defines the BIMI version, l= points to your SVG logo, and a= points to your VMC. It's also worth knowing the purpose of the h= tag, which specifies the hash of your VMC. Each of these components needs to be correctly configured for BIMI to work.

Common BIMI selector errors

One of the most frequent issues is a mismatch between the selector used in the email header and the one published in DNS. Always verify that your email sending platform is configured to include the correct BIMI-Selector header if you are using anything other than 'default'. Ignoring these details can lead to your brand logo not displaying. For a deeper dive into common issues, explore common errors when configuring a BIMI record.

Advanced usage and monitoring

Using multiple BIMI selectors allows large organizations to segment their email branding effectively. You could have a unique logo for transactional emails, another for marketing newsletters, and yet another for corporate communications. This level of brand control is invaluable for maintaining consistent messaging and visual identity across diverse email campaigns.

Regardless of how many selectors you use, continuous monitoring of your BIMI implementation is essential. Since BIMI relies on a properly enforced DMARC policy, keeping an eye on your DMARC reports is a crucial step. This ensures that your emails are authenticating correctly and that your BIMI records are being discovered and applied by receiving mail servers.

Manual BIMI management

DNS updates: Requires manual editing of TXT records for each selector.
Error prone: Higher risk of configuration errors or typos.
Limited visibility: No centralized view of BIMI status across domains.

Suped BIMI management

AI-powered recommendations: Actionable advice to fix issues and strengthen policy.
Real-time alerts: Instant notifications on configuration or compliance problems.
Unified platform: Combines DMARC, SPF, and DKIM monitoring with deliverability insights.

A robust DMARC reporting and monitoring tool is essential for managing BIMI effectively. Platforms like Suped offer AI-powered recommendations to help you fix issues and strengthen your policy. This includes real-time alerts and a unified platform for DMARC, SPF, and DKIM monitoring, alongside other deliverability insights like SPF flattening. Our MSP and Multi-Tenancy Dashboard is built for scale, making it ideal for managing multiple domains efficiently.

Ensuring proper BIMI authentication

Illustration of DMARC and BIMI gears interlocking with a verified checkmark.

For BIMI to work, you must have a DMARC policy set to p=quarantine or p=reject. This strict enforcement level tells mailbox providers that your domain is serious about email authentication, which is a prerequisite for displaying your BIMI logo. Without DMARC enforcement, your brand logo will not be displayed, even if your BIMI record is technically correct.

The use of a Verified Mark Certificate (VMC) also plays a significant role in BIMI. While not strictly required for all mailbox providers, a VMC provides an extra layer of trust and verification, making it more likely that your logo will be displayed. Ensuring all these components are correctly configured and continuously monitored is key to a successful BIMI implementation and enhanced brand recognition.

Maximizing your brand presence

The BIMI selector is more than just a technical detail, it's a powerful tool for brand management in the email ecosystem. By allowing you to define multiple logos for different contexts, selectors provide the flexibility needed to maintain a consistent and professional brand image across all your email communications. Proper configuration is vital, but the benefits of increased brand visibility and recipient trust are well worth the effort.

Leveraging BIMI selectors, alongside strong DMARC, SPF, and DKIM authentication, empowers your brand to stand out in the inbox. Remember that managing these complex protocols requires vigilance and often benefits from specialized tools. Using a platform like Suped can streamline this process, offering the insights and automation needed to ensure your email authentication is always robust, protecting your brand and improving deliverability.