Summary
Brand Indicators for Message Identification (BIMI) enables organizations to display their verified, trademarked logos alongside their authenticated email messages in supported inboxes, thereby enhancing brand recognition and trust. Successful BIMI implementation primarily hinges on a robust DMARC enforcement policy, the availability of a securely hosted logo in a specific SVG format, and most often, a Verified Mark Certificate (VMC) to validate the logo's authenticity. The general process entails configuring DMARC, preparing the logo, obtaining a VMC, and then publishing a BIMI DNS TXT record for the domain.
Key findings
- DMARC Enforcement is Crucial: BIMI implementation fundamentally requires an enforced DMARC policy, specifically set to 'p=quarantine' or 'p=reject,' coupled with properly aligned SPF and DKIM authentication for email domains.
- Specific SVG Logo Format: The brand logo must be prepared in a specific format, typically SVG Tiny 1.2 or SVG Tiny PS, and hosted securely on a web server accessible via HTTPS.
- VMC is Generally Required: For most major inbox providers, a Verified Mark Certificate (VMC) is a critical component to authenticate and display the brand logo next to email messages, verifying its authenticity and preventing impersonation.
- Standard Implementation Steps: The typical implementation process for BIMI involves ensuring DMARC is set up and enforced, preparing and securely hosting the SVG logo, obtaining a VMC from a trusted Certificate Authority, and finally publishing the BIMI DNS TXT record to link these elements.
Key considerations
- VMC Varies by Provider: While a Verified Mark Certificate (VMC) is generally mandatory for widespread BIMI adoption, its necessity can vary by inbox provider; for example, Verizon Media employs its own brand-to-logo matching, and Google and Microsoft may have distinct or evolving validation methods outside the official VMC process.
- Trademark Requirement for VMC: To obtain a Verified Mark Certificate (VMC), it is typically a prerequisite that the brand logo is a legally registered trademark.
- Provider-Specific Nuances: Different inbox providers, such as Google and Microsoft, may have unique or evolving BIMI requirements, or separate brand identity programs that can influence universal BIMI implementation.
- Current Adoption Visibility: A comprehensive public list of brands that have widely adopted BIMI is not yet readily available, making it challenging to track its pervasive implementation.
What email marketers say
11 marketer opinions
Brand Indicators for Message Identification (BIMI) allows businesses to display their trademarked logos next to their email messages in supporting inboxes, boosting brand visibility and user trust. The core technical requirements for BIMI include having a DMARC policy in enforcement mode, using a specific SVG format for the logo, and often, acquiring a Verified Mark Certificate (VMC). Implementing BIMI involves ensuring DMARC is properly set up, preparing and hosting the SVG logo securely, obtaining the VMC from a trusted Certificate Authority, and then publishing the necessary BIMI DNS TXT record for the domain.
Key opinions
- Mandatory DMARC Policy: A fundamental requirement for BIMI is the enforcement of a DMARC policy, specifically set to 'p=quarantine' or 'p=reject,' ensuring robust email authentication and domain protection.
- Specific SVG Logo Format: The brand logo must be in a highly specific SVG format, typically SVG Tiny 1.2 or SVG Tiny PS version, designed for optimal rendering and security in email clients.
- VMC is a Core Component: For most widespread BIMI adoption, a Verified Mark Certificate (VMC) is a crucial element that links the authenticated logo to the domain, verifying its authenticity and preventing unauthorized use.
- Sequential Implementation Steps: The implementation process follows a clear sequence: first, establishing strong DMARC enforcement; second, preparing and securely hosting the compliant SVG logo; third, obtaining a VMC; and finally, publishing the BIMI DNS TXT record that points to both the SVG and VMC.
Key considerations
- VMC Applicability Varies: While a Verified Mark Certificate (VMC) is widely required for BIMI, some providers like Verizon Media, and potentially Google and Microsoft, may use alternative brand-to-logo matching systems or validate logos outside of the official VMC standard. This means the VMC isn't universally mandatory across all inbox providers, though highly recommended for broader adoption.
- Trademarked Logo for VMC: Obtaining a Verified Mark Certificate (VMC) typically necessitates that the brand logo be officially trademarked, ensuring the legitimacy and ownership of the visual mark being displayed.
- Secure Logo Hosting: The SVG logo file must be hosted securely on a web server, specifically accessible over HTTPS, to ensure its integrity and reliable delivery.
- VMC Issuing Authorities: Verified Mark Certificates (VMCs) must be acquired from approved Certificate Authorities (CAs), such as DigiCert or Entrust, which are recognized for issuing these specialized certificates.
Marketer view
Marketer from Email Geeks shares that Westwing.com, a retail-home decor brand, was discussing BIMI at the CSA summit, though it's uncertain if they've implemented it yet.
19 Feb 2022 - Email Geeks
Marketer view
Marketer from Email Geeks suggests that a potential missed step in BIMI implementation could be obtaining a Verified Mark Certificate (VMC) and advises checking the BIMI Group FAQs.
28 Feb 2022 - Email Geeks
What the experts say
4 expert opinions
BIMI implementation is largely consistent across experts, emphasizing the critical role of strong email authentication and verified brand assets. A core requirement is establishing a DMARC policy set to 'quarantine' or 'reject', supported by accurate SPF and DKIM records. Brands must also prepare their logo in a specific SVG format. Crucially, a Verified Mark Certificate (VMC) obtained from a trusted certificate authority is generally necessary to authenticate the logo and prevent its misuse. Once these elements are in place, a BIMI DNS record is published to enable its display. While these are the standard steps, specific inbox providers like Google and Microsoft may have distinct, or currently unrevealed, requirements or separate brand verification programs.
Key opinions
- DMARC Enforcement is Foundational: A primary requirement for BIMI is a robust email authentication setup, specifically DMARC with a policy enforced at 'quarantine' or 'reject', complemented by properly configured SPF and DKIM records to ensure message legitimacy and domain protection.
- SVG Logo and VMC are Essential: Brands must prepare their logo in a specific SVG format and, for most major inbox providers, obtain a Verified Mark Certificate (VMC) from a trusted certificate authority to authenticate the logo and prevent brand impersonation. This VMC links the verified logo to the authenticated email domain.
Key considerations
- Provider-Specific Standards: Different inbox providers, such as Google and Microsoft, maintain their own specific or yet-to-be-disclosed requirements for BIMI implementation, or may utilize separate brand identity programs like Microsoft's 'Business Profiles' program, impacting universal adoption and implementation strategies. Verizon Media, for example, clearly outlines its own DMARC, SVG, and DNS record prerequisites for BIMI display.
- Lack of Public Adoption List: A comprehensive public directory of brands that have successfully adopted BIMI is not yet available, making it difficult to fully assess its current widespread usage and identify specific examples of successful deployments.
Expert view
Expert from Email Geeks responds that a clear list of brands adopting BIMI does not exist yet, but he is also looking for one and knows a small sample list was presented by the BIMI Group last year.
9 Aug 2022 - Email Geeks
Expert view
Expert from Email Geeks outlines the requirements for BIMI participation at Verizon Media (VZM), including DMARC enforcement, SVG logo availability, and a published BIMI DNS record. He also notes that Google has not published their requirements yet, and Microsoft uses a separate "Business Profiles" program with long wait times.
24 Oct 2022 - Email Geeks
What the documentation says
7 technical articles
Implementing Brand Indicators for Message Identification (BIMI) requires adherence to several key technical and brand-related criteria, primarily centered around email authentication and logo verification. Organizations must first establish a robust DMARC policy set to 'quarantine' or 'reject', ensuring their email domains are securely authenticated. Beyond authentication, the brand's logo needs to be prepared in a specific SVG format and securely hosted. For broad visibility, a Verified Mark Certificate (VMC) is generally necessary, which further validates the logo's authenticity and typically necessitates that the logo is a legally registered trademark. The implementation process logically follows these requirements: secure DMARC, prepare and host the SVG, obtain the VMC, and finally, publish the BIMI DNS TXT record.
Key findings
- DMARC Enforcement is Paramount: A non-negotiable requirement for BIMI is an enforced DMARC policy, configured to either 'p=quarantine' or 'p=reject', which establishes a strong foundation for email authentication and domain security.
- Specific SVG Logo Format: The brand logo must conform to a precise SVG format, typically SVG Tiny 1.2 or SVG Tiny PS, and must be hosted securely on a public web server, accessible via HTTPS.
- VMC is a Widespread Requirement: A Verified Mark Certificate (VMC) is generally indispensable for most inbox providers to display the brand logo, serving as a digital certificate that authenticates the logo to the email domain and prevents impersonation.
- Trademarking is Essential for VMC: Crucially, obtaining a Verified Mark Certificate (VMC) typically mandates that the brand logo be a legally registered trademark, adding a layer of legal validation to its use.
- Clear Implementation Sequence: BIMI implementation follows a consistent set of steps: first, ensuring DMARC enforcement; second, preparing and securely hosting the compliant SVG logo; third, acquiring a VMC from a trusted Certificate Authority; and finally, publishing the BIMI DNS TXT record for the domain.
Key considerations
- Legal Trademark Prerequisite for VMC: Before applying for a Verified Mark Certificate (VMC), organizations must ensure their brand logo is a legally registered trademark, as this is a fundamental requirement for VMC issuance from Certificate Authorities.
- Choosing an Approved Certificate Authority: Verified Mark Certificates (VMCs) must be sourced from approved Certificate Authorities, such as DigiCert or Entrust, which are recognized for issuing these specialized digital certificates.
- Secure Hosting of SVG Logo: The SVG logo file requires secure hosting on a web server, specifically accessible over HTTPS, to guarantee its integrity and reliable loading within email clients.
- Alignment with DMARC Authentication: Beyond the DMARC enforcement policy, it's vital to ensure that DMARC aligned SPF and DKIM authentication records are properly configured, as these underpin the DMARC policy and BIMI's functionality.
Technical article
Documentation from Google Workspace Admin Help explains that BIMI requires an enforced DMARC policy (p=quarantine or p=reject), a secure SVG logo, and a Verified Mark Certificate (VMC). Implementation involves ensuring DMARC enforcement, obtaining a verified SVG logo, securing a VMC (if desired), and then adding the BIMI DNS TXT record.
22 Dec 2022 - Google Workspace Admin Help
Technical article
Documentation from DMARC.org shares that key BIMI requirements include an enforced DMARC policy set to quarantine or reject, DMARC aligned SPF/DKIM authentication, a specific SVG Tiny 1.2 logo format, and a Verified Mark Certificate (VMC) for most inbox providers. Implementation steps involve securing DMARC, preparing the SVG, obtaining a VMC, and publishing the BIMI DNS record.
10 Jul 2021 - DMARC.org
How do I set up DMARC for BIMI and what are the key considerations?
What are the benefits and requirements of BIMI for email deliverability and branding?
What are the costs and steps for implementing BIMI (Brand Indicators for Message Identification)?
What are the requirements for using a word mark with BIMI?
What are the requirements to implement BIMI, and which providers support it?
What are the steps for BIMI verification and logo display?
