Summary
Pardot, a Salesforce marketing automation platform, does not directly support BIMI (Brand Indicators for Message Identification) in the same way an email client does. Instead, BIMI is largely configured at the DNS level for your sending domain, requiring robust email authentication, specifically DMARC with a policy of enforcement (quarantine or reject). Pardot's role is to ensure your emails are properly authenticated via SPF and DKIM, which then allows them to pass DMARC alignment checks. The primary challenge sometimes arises from Pardot's use of a default exacttarget.com return-path domain, which needs to be aligned with your sending domain for full DMARC compliance and subsequent BIMI readiness. This alignment may require manual intervention by Salesforce support.
Key findings
- No direct Pardot support needed: BIMI is a DNS record that a domain owner publishes, not a feature configured within the sending platform itself. Pardot's role is to facilitate the underlying authentication requirements.
- DMARC alignment is key: For BIMI to display, your emails must pass DMARC authentication and alignment, typically with a policy set to p=quarantine or p=reject. This requires both SPF and DKIM to be correctly configured and aligned.
- Pardot's authentication capabilities: Pardot (via Salesforce) allows for custom return-path domains and DKIM signatures, which are crucial for DMARC alignment. This means the technical capability is generally present.
- DNS management: Your BIMI TXT record is added to your domain's DNS, which Pardot does not host. This setup is managed independently of the Pardot platform, though it directly impacts the emails sent through it.
Key considerations
- Pardot's DMARC compliance: Ensure your Pardot setup results in DMARC-compliant emails. This involves proper SPF and DKIM configuration where your From domain aligns with the domain in your SPF (Return-Path) and DKIM signature.
- Custom return-path: If Pardot's default exacttarget.com return-path is an issue for strict DMARC alignment, contact Salesforce support to see if they can manually update it to your custom domain.
- Verified mark certificate (VMC): Many major mailbox providers like Gmail require a VMC in addition to DMARC enforcement for BIMI logos to display. This certificate verifies your brand's logo.
- BIMI record publishing: Once DMARC is enforced and a VMC is obtained (if required), publish your BIMI TXT record in your domain's DNS. This record points to your SVG logo file and VMC, if applicable. Learn more about the requirements for BIMI implementation.
What email marketers say
Email marketers often discuss the intricacies of implementing BIMI, particularly when using platforms like Pardot. The common consensus is that while Pardot itself doesn't offer a direct BIMI button, its underlying authentication mechanisms are sufficient, provided they are configured correctly and Pardot allows for the necessary domain alignment. Many marketers highlight the importance of achieving DMARC alignment and an enforced policy to make BIMI work, sometimes noting potential hurdles with Pardot's default settings and the need for Salesforce support intervention.
Key opinions
- BIMI is DNS-based: Marketers frequently point out that BIMI is primarily a DNS configuration, meaning the email platform itself doesn't need native BIMI support.
- Authentication alignment is sufficient: As long as Pardot facilitates DKIM and SPF alignment to achieve a DMARC pass, BIMI should technically be achievable, regardless of the platform's direct 'BIMI support'.
- Return-path challenges: Some marketers have encountered situations where Pardot's default exacttarget.com return-path domain presented an obstacle to DMARC alignment, impacting BIMI readiness.
- Manual configuration possible: Marketers have successfully worked with Salesforce support to manually adjust Pardot settings for better DMARC alignment, enabling BIMI implementation.
Key considerations
- Verify DMARC policy: Confirm that your DMARC policy is set to p=quarantine or p=reject, as this is a fundamental requirement for BIMI display across supporting mailboxes. See how to set up DMARC for BIMI.
- Check Pardot's authentication settings: Ensure your Pardot domain authentication (SPF and DKIM) is configured to align with your From domain. This is often handled through a tracker domain setup in Pardot.
- Engage Salesforce support if needed: If a custom return-path is necessary for strict DMARC alignment, be prepared to work with Salesforce support, as this may require manual adjustments to your Pardot account settings.
- Understanding BIMI requirements: Familiarize yourself with all BIMI implementation requirements to ensure a smooth setup.
Marketer view
Email marketer from Email Geeks indicates that BIMI functionality relies on the email environment's support for domain authentication alignment. As long as a platform like Pardot facilitates this, BIMI should be achievable.
Marketer view
Marketer from Trailhead Salesforce community shares that BIMI setup is entirely done in DNS and does not require configuration within the email service provider itself, aside from ensuring DMARC readiness. This implies Pardot's internal settings are not the primary barrier.
What the experts say
Email deliverability experts agree that BIMI is less about direct platform support and more about adhering to a set of authentication standards, primarily DMARC. They emphasize that any sending platform, including Pardot, that can achieve DMARC alignment and an enforced policy should be compatible with BIMI. Challenges typically arise from configuration specifics, such as the ability to customize return-path domains, rather than a fundamental lack of support for the BIMI specification itself. The focus remains on proper DNS setup and strong email authentication.
Key opinions
- BIMI is platform-agnostic for core function: Experts maintain that BIMI's primary requirements—a DMARC policy at enforcement and a public DNS record—are not dependent on specific ESP 'support'.
- Authentication is the foundation: The critical factor is the sending platform's ability to send SPF and DKIM authenticated emails that align with the From domain, thereby passing DMARC. If Pardot can do this, it is compatible.
- Selectors are a niche feature: While BIMI allows for selectors to display multiple logos, experts note that very few senders actually implement or require this, making it a non-issue for most BIMI setups with Pardot.
- Pardot's DMARC readiness: Pardot's capability for custom return-path and DKIM signing means it provides the necessary components for DMARC alignment, which directly enables BIMI.
Key considerations
- Confirm DMARC enforcement: Before attempting BIMI, ensure your DMARC record is at an enforced policy (p=quarantine or p=reject) for the domain from which Pardot sends. This is a non-negotiable requirement. For guidance on setting up DMARC, refer to our simple DMARC examples.
- Align sending domains: Verify that your Pardot setup is configured such that the Return-Path domain (for SPF) and the DKIM signing domain are aligned with your From domain. This might involve setting up a tracker domain.
- Review Pardot's customization options: While Pardot offers certain configurations, review if any specific customizations, such as for the Return-Path header, are needed for strict DMARC alignment. This is sometimes where the vendor reluctance comes into play.
- Monitor BIMI implementation: After setting up BIMI, continuously monitor its display across various mailbox providers (e.g., Gmail, Yahoo Mail) to ensure proper implementation and troubleshooting any issues. Understand which email clients support BIMI.
Expert view
Deliverability Expert from Email Geeks suggests that BIMI is fundamentally about domain authentication alignment and not a feature that needs to be 'supported' by the sending platform itself. Any platform that can achieve DMARC alignment should be capable of sending BIMI-ready emails.
Expert view
Deliverability Expert from Wordtothewise.com explains that the presence of a Verified Mark Certificate (VMC) is increasingly crucial for BIMI display, especially with providers like Gmail. This adds a layer of validation beyond DMARC itself.
What the documentation says
Official documentation and technical guides consistently define BIMI as a specification that leverages existing email authentication standards, primarily DMARC, to display sender logos. They clarify that the implementation of BIMI involves publishing DNS records and acquiring a Verified Mark Certificate (VMC), rather than direct integration with an email sending platform's user interface. The responsibility for BIMI configuration lies with the domain owner, contingent on their ESP's ability to facilitate DMARC-compliant email sending.
Key findings
- BIMI is an email specification: Documentation confirms BIMI is a standard for displaying brand logos, built on top of robust email authentication.
- DMARC enforcement is mandatory: The BIMI Group emphasizes that a DMARC policy of p=quarantine or p=reject is a prerequisite for BIMI adoption.
- DNS record required: BIMI implementation involves adding a TXT record to your domain's DNS, pointing to your logo and VMC.
- VMC requirements by providers: Mailbox providers like Gmail explicitly require a Verified Mark Certificate for BIMI logos to appear, highlighting an additional layer of verification needed.
Key considerations
- Achieve DMARC compliance: Ensure your sending platform (Pardot) correctly authenticates emails with SPF and DKIM, leading to DMARC alignment and a passing DMARC policy. This is covered in what are the requirements and implementation steps for BIMI.
- Obtain a VMC: If your target audience uses mailbox providers like Gmail, obtaining a Verified Mark Certificate from a recognized Certification Authority is necessary.
- Prepare your logo: Your logo must be in SVG Tiny PS format and hosted on a secure (HTTPS) server. Refer to our guide on validating your BIMI SVG and certificate.
- Publish the BIMI record: Add the BIMI TXT record to your public DNS, linking to your logo and VMC.
Technical article
Documentation from Email on Acid details that implementing BIMI involves seven key steps, including identifying your sending domain, aligning email authentication, and publishing the BIMI TXT record to your DNS server. It clarifies that this process is domain-centric.
Technical article
The BIMI Group FAQ states that BIMI is an emerging email specification designed to enhance email authentication and brand recognition within supporting email clients. This highlights BIMI's purpose as a layer on top of existing authentication.
Related resources
8 resources
![How to Implement BIMI: A Step-by-Step Guide [Infographic]](https://www.emailonacid.com/wp-content/uploads/2021/08/Road-to-BIMI-Implementation_1600X900.png)
Related pages
Is BIMI available for email clients and what are its implementation requirements?
What are common questions and answers about BIMI email authentication?
What are the requirements and implementation steps for BIMI?
How to set up BIMI and Google Promotion Tab logos, and troubleshoot SVG issues?
How do I set up DMARC for BIMI and what are the key considerations?
A simple guide to DMARC, SPF, and DKIM
A guide to validating your BIMI SVG and certificate
Which email clients actually support BIMI?
Email Deliverability Issues: Getting Your Messages to the Inbox in 2025
Boost Email Deliverability Rates: Technical Solutions from Top Performing Senders
