Summary
BIMI can function on multiple levels of subdomains with the correct configuration. Each subdomain must have its own dedicated BIMI DNS record, and the Verified Mark Certificate (VMC) needs to explicitly include and be valid for each subdomain. The BIMI record must be published at the RFC5322.From domain or the organizational domain. Ensure the VMC lists the relevant domains in the Subject Alternative Name (SAN) field. Properly configured DNS records and accurate VMC validation are essential for the BIMI logo to display correctly across different subdomain levels. Setting up BIMI at the top-level domain will not automatically cascade down to subdomains; each subdomain must be configured independently.
Key findings
- Individual DNS Records: Each subdomain requires its own distinct BIMI DNS record.
- VMC Validation: The Verified Mark Certificate (VMC) must be valid for each subdomain where BIMI is used.
- No Automatic Cascading: BIMI configuration on the top-level domain does not automatically apply to subdomains.
- VMC SAN Field: The VMC must list each domain/subdomain in the Subject Alternative Name (SAN) field.
- From Domain Matching: The domain in the BIMI DNS record must match the 'From:' domain in the email.
Key considerations
- Accurate DNS Configuration: Ensure that each subdomain has correctly configured DNS records for BIMI.
- VMC Scope Verification: Verify that the VMC covers all required subdomains and that each is correctly listed in the SAN.
- Independent Configuration: Each subdomain that sends emails independently needs its own BIMI configuration.
- Regular Testing: Test the BIMI implementation on each subdomain to ensure proper functionality and logo display.
- Troubleshooting: If the BIMI logo is not displaying on a subdomain, check the DNS records and VMC validity specifically for that subdomain.
What email marketers say
8 marketer opinions
BIMI can work on multiple levels of subdomains, but it requires careful configuration. Each subdomain needs its own distinct BIMI DNS record, and the Verified Mark Certificate (VMC) must be valid for each specific subdomain. Simply setting up BIMI at the top-level domain will not automatically apply to subdomains. DNS records and VMC validation must be in place for each subdomain where the BIMI logo is intended to display. Proper configuration is essential to ensure the logo displays correctly across different subdomain levels.
Key opinions
- Subdomain BIMI Record: Each subdomain must have its own individual BIMI DNS record.
- VMC Validation: The VMC must be valid for each specific subdomain.
- No Cascading: BIMI setup on the top-level domain does not automatically cascade down to subdomains.
- Configuration: Proper DNS configuration is critical for BIMI to function correctly on subdomains.
Key considerations
- DNS Configuration: Verify that the BIMI DNS records are correctly set up for each subdomain.
- VMC Scope: Ensure the VMC includes all relevant subdomains in its Subject Alternative Name (SAN) field.
- Troubleshooting: If the BIMI logo isn't displaying, check the DNS records and VMC validity for each subdomain.
- Email Sending Practices: If emails are sent from different subdomains, each requires its own BIMI setup.
Marketer view
Email marketer from ValiMail.com (now Agari) mentions that while BIMI primarily works at the organizational domain level, it can be configured for subdomains. Each subdomain requires its own BIMI record and corresponding VMC validation.
16 May 2024 - ValiMail.com
Marketer view
Email marketer from DMARC Analyzer explains that BIMI can be implemented on subdomains, but each subdomain requires its own distinct BIMI DNS record. This involves setting up the appropriate TXT record for BIMI on each subdomain and ensuring that the VMC covers each domain that you want to use BIMI on.
13 Aug 2024 - DMARC Analyzer
What the experts say
1 expert opinions
BIMI can function on subdomains, provided that it is correctly set up. This means ensuring that each subdomain has the appropriate DNS records and that the VMC (Verified Mark Certificate) is valid for each subdomain.
Key opinions
- Subdomain Configuration: Proper configuration is necessary for BIMI to work on subdomains.
- DNS Records: Each subdomain must have its own DNS records configured for BIMI.
- VMC Validation: The VMC must be valid for each subdomain intended to use BIMI.
Key considerations
- Configuration Accuracy: Ensure all DNS records are correctly configured.
- VMC Scope: Verify that the VMC covers each specific subdomain intended to use BIMI.
- Testing: Test BIMI implementation on each subdomain to confirm proper functionality.
Expert view
Expert from Word to the Wise explains that BIMI should work on subdomains if properly configured with the corresponding DNS records and VMC validation for each subdomain.
7 Sep 2024 - Word to the Wise
What the documentation says
3 technical articles
BIMI can operate on subdomains if properly configured. This requires that the Verified Mark Certificate (VMC) explicitly includes the relevant domains and subdomains intended to display the BIMI logo. Each subdomain must have its own BIMI record, and the 'From:' domain in the email must match the domain in the BIMI DNS record. The VMC must list the domain or subdomain in the Subject Alternative Name (SAN) field.
Key findings
- VMC Inclusion: The VMC must include all relevant domains and subdomains.
- Individual BIMI Records: Each subdomain must have its own BIMI DNS record.
- Domain Matching: The 'From:' domain must match the domain in the BIMI DNS record.
- SAN Listing: The VMC needs to list the domain or subdomain in the Subject Alternative Name (SAN) field.
Key considerations
- VMC Verification: Verify that the VMC covers all required subdomains.
- DNS Record Accuracy: Ensure that each subdomain's BIMI DNS record is correctly configured.
- Subdomain Independence: If subdomains send emails independently, each must have its own BIMI configuration.
Technical article
Documentation from the BIMI Group specifies that the domain in the BIMI DNS record must match the 'From:' domain in the email. This applies to subdomains as well; each subdomain must have its own BIMI record if it sends emails independently.
4 Jun 2025 - BIMI Group
Technical article
Documentation from DigiCert explains that BIMI needs a Verified Mark Certificate (VMC) that must list the domain or subdomain in the Subject Alternative Name (SAN) field. If you want BIMI to work on subdomains, ensure the VMC covers those specific subdomains.
20 Nov 2023 - DigiCert
Does a parent domain need BIMI for subdomain BIMI to work?
Does BIMI trickle down to subdomains and how to control subdomain BIMI display?
How do I implement BIMI for multiple brands with subdomains?
How do I implement DMARC with BIMI on multiple subdomains?
How do I set up DMARC records for subdomains?
How to apply BIMI to a specific subdomain instead of the entire domain?
