How do I implement BIMI for multiple brands with subdomains?

Key findings

• DMARC requirement: BIMI strictly requires a DMARC policy at enforcement (either p=quarantine or p=reject) for the domain or subdomain from which emails are sent.
• Organizational DMARC: Even if BIMI is applied to a specific subdomain, the DMARC policy for the organizational (root) domain often needs to be at enforcement or have an appropriate subdomain policy (sp=) that covers the subdomains. You can learn more about DMARC record placement for subdomains.
• BIMI record placement: A BIMI DNS TXT record can be published at the organizational domain level or on specific subdomains, offering flexibility for multi-brand setups.
• Selector usage: The selector parameter in a BIMI record allows different logos to be displayed for various brands or campaigns, even if they share the same base domain or subdomain, by referencing different SVG files.
• Verified mark certificate (VMC): For some mailbox providers (like Gmail), a VMC is required to display your logo, which validates that your brand logo is a registered trademark. This is a critical step often overlooked in initial planning for BIMI implementation, as highlighted by the BIMI Group.

Key considerations

• DMARC policy alignment: Ensure all sending domains and subdomains align with DMARC's authentication requirements before attempting BIMI implementation. This is foundational for any brand visibility through BIMI.
• Subdomain strategy: Decide whether to implement BIMI at the organizational domain level, individual subdomain levels, or a combination, based on your brand architecture and sending practices. Consider why you use subdomains for email marketing deliverability as part of this strategy.
• Logo management: Each brand (or specific campaign) might require its own SVG logo. Plan for hosting these logos securely and updating your BIMI records accordingly.
• VMC acquisition: If a VMC is desired for broader mailbox provider support, factor in the time and cost for trademark registration (if not already done) and VMC acquisition from an authorized certification authority.
• Monitoring and troubleshooting: Regularly monitor your BIMI implementation to ensure logos are displaying correctly and troubleshoot any issues promptly. The BIMI Group FAQs are a good reference.

Key opinions

• DMARC centralization: Many marketers believe DMARC should be set at an organizational level (root domain) to cover all subdomains, simplifying the setup for BIMI across multiple brands.
• Subdomain flexibility: There's a strong opinion that BIMI records can and should be placed on specific subdomains if different brands operate distinct sending identities, allowing for brand-specific logos.
• Selector confusion: Some marketers are aware of the selector parameter but are unsure about its practical adoption or widespread support among mailbox providers.
• VMC awareness: There's growing awareness among marketers about the need for a Verified Mark Certificate (VMC) for full BIMI display, especially for providers like Gmail.

Key considerations

• Consistent DMARC enforcement: Marketers must ensure their DMARC policy is consistently at p=quarantine or p=reject across all relevant domains and subdomains before BIMI deployment. This is a foundational step, as detailed in our guide on setting up DMARC for BIMI.
• Brand-specific logos: For each brand operating on a subdomain, create unique SVG logos that meet BIMI specifications. Consider using a selector if multiple brands send from the same subdomain.
• Trademarking: Ensure all brand logos intended for BIMI display are legally trademarked to facilitate VMC acquisition, which is essential for maximizing logo visibility across supporting mailbox providers. Our article on BIMI requirements provides further detail.
• DNS management: Plan for adding and managing BIMI DNS TXT records for each relevant subdomain or for the root domain if a centralized approach is preferred.

Key opinions

• DMARC enforcement is paramount: Experts universally agree that DMARC at p=quarantine or p=reject is a non-negotiable prerequisite for BIMI, extending to all relevant subdomains.
• Subdomain vs. organizational DMARC: While BIMI can be published on a subdomain, experts recommend a strong organizational DMARC policy (even if p=none with sp=quarantine/reject) for comprehensive coverage.
• VMC is key for major providers: The consensus is that a VMC is crucial for gaining BIMI display with major email providers, especially given Gmail's requirements.
• Selector for distinct brands: Experts advise utilizing the BIMI selector parameter to manage different logos for distinct brands or departments operating under the same subdomain or root domain.
• Long-term strategy: BIMI should be viewed as part of a broader brand trust and email authentication strategy, not just a one-time setup.

Key considerations

• Trademark registration: Ensure all logos intended for BIMI display are legally trademarked to meet VMC requirements. This is an essential preliminary step for full BIMI adoption. For more about this, check our guide on validating your BIMI SVG and certificate.
• DNS record accuracy: Verify that BIMI DNS TXT records are correctly formatted and published for each desired subdomain or the main domain, including the selector if used. A misplaced or incorrect record can prevent logo display.
• Phased DMARC implementation: Transition DMARC policies gradually to enforcement (quarantine/reject) to avoid legitimate email delivery issues. This is a best practice for any DMARC setup, as discussed in safely transitioning your DMARC policy.
• Image hosting security: Host SVG logos on a secure (HTTPS) server with appropriate CORS headers to ensure mailbox providers can retrieve them reliably.

Key findings

• DMARC policy prerequisite: The BIMI specification explicitly states that a DMARC policy of p=quarantine or p=reject (or an sp= policy) must be in place and enforced for the domain sending the email.
• Subdomain support: BIMI records can be published at the subdomain level, meaning each subdomain can potentially have its own BIMI record and associated logo.
• Selector parameter: The selector parameter allows for multiple BIMI records (and thus different logos) for a single domain or subdomain, by using unique selectors in the DNS TXT record name.
• SVG file requirements: The logo must be an SVG file that meets specific formatting and security criteria, including being served over HTTPS and adhering to CORS policies.

Key considerations

• DMARC policy enforcement: Organizations must ensure their DMARC policy is at enforcement and correctly applied across all sending domains and subdomains before BIMI can be activated. This is highlighted in our overview of BIMI email authentication FAQs.
• DNS record structure: The BIMI DNS TXT record should be formatted as default._bimi.yourdomain.com for the default record, or selector._bimi.yourdomain.com if using a specific selector for multiple brands.
• Verified mark certificate (VMC) integration: For enhanced trust and broader support, the BIMI record should include a reference to a VMC. This is typically done with a a= tag in the BIMI TXT record, pointing to the VMC file. The BIMI Group website provides comprehensive information on BIMI implementation.
• SVG file security: The SVG logo file must be hosted securely over HTTPS and allow cross-origin requests (CORS) from mailbox providers to retrieve the image successfully. Refer to BIMI requirements for SVG files.