How do I validate BIMI records and fix common errors?

Key findings

• DNS record accuracy: BIMI records are TXT records published in your DNS, typically at default._bimi (or another selector) for your domain or subdomain. Incorrect placement or syntax is a frequent cause of validation issues.
• SVG file compliance: The SVG logo must adhere to strict BIMI specifications, including being square, having a viewBox attribute, and not containing external references or scripts. Many errors arise from simply embedding a non-SVG image (like a PNG) within an SVG container.
• VMC validity: For major email clients like Gmail, a valid and properly linked Verified Mark Certificate (VMC) is required to display your logo. The logo within the VMC must precisely match your external SVG logo.
• DMARC enforcement: BIMI only functions if your domain has a DMARC policy set to p=quarantine or p=reject. A p=none policy will not enable BIMI display.

Key considerations

• Utilize validation tools: Various online BIMI checkers and inspectors are available to help you diagnose issues and provide actionable recommendations. These tools can verify your DNS record, SVG URL, and VMC.
• Host SVG securely: Ensure your SVG file is hosted on a secure, HTTPS-enabled server with appropriate Cross-Origin Resource Sharing (CORS) headers if necessary. Improper hosting can prevent the logo from loading.
• Match certificate and logo: If using a VMC, confirm that the logo embedded within the certificate is identical to the SVG file referenced in your BIMI TXT record. Any discrepancy will lead to failure.
• Subdomain configuration: When using a subdomain, ensure your BIMI, DMARC, SPF, and DKIM records are correctly configured for that specific subdomain. You can learn more about BIMI requirements and implementation steps here. Also, explore BIMI Group FAQs for more details.

Key opinions

• Tool reliance: Many marketers rely on third-party BIMI inspector tools for quick validation, as checking email headers alone isn't sufficient to see all BIMI-related information.
• SVG formatting: A recurring pain point is the strict SVG specification. Marketers often encounter errors when their SVG isn't truly vector-based or lacks square dimensions, even if it appears correct visually.
• VMC necessity: There's a common understanding that while some email clients might be lenient, a Verified Mark Certificate (VMC) is generally required for full BIMI support, especially with major providers like Gmail.
• DNS record placement: Marketers sometimes initially misplace the BIMI DNS record, leading to validation failures, particularly when working with subdomains.

Key considerations

• Consistent logo: Marketers need to ensure the logo within the VMC precisely matches the public SVG file to avoid validation issues. This means coordinating with design teams.
• Subdomain setup: For subdomains, it's crucial to confirm that all necessary DNS records (BIMI, DMARC, SPF, DKIM) are correctly published for that specific domain. You can read more about unexpected strings in BIMI DNS records.
• True SVG: Educating design teams on producing a 'true' SVG, rather than merely re-saving a raster image as an SVG, is vital for successful BIMI implementation.
• Proactive testing: Marketers should proactively use validation tools and send test emails to supported inboxes to verify BIMI display before wider campaign launches. This aligns with advice found in The SSL Store's guide on BIMI setup.

Key opinions

• DMARC enforcement is paramount: Experts consistently state that a DMARC policy of p=quarantine or p=reject is a non-negotiable prerequisite for BIMI to work.
• SVG authenticity: True SVG graphics are essential; simply renaming a PNG or JPG to SVG will not pass validation due to the strict technical specifications.
• VMC accuracy: The VMC must be issued by a BIMI-accredited Certificate Authority, and the logo embedded within it must be an exact match to the publicly hosted SVG.
• Layered dependencies: BIMI's success hinges on the correct configuration of SPF, DKIM, and DMARC. Any misalignment in these foundational protocols can prevent BIMI from displaying.

Key considerations

• Comprehensive validation: Employ multiple BIMI validation tools, as they may offer different diagnostic insights into potential errors, from DNS issues to SVG rendering problems.
• SVG hosting: Confirm that the SVG file is hosted on a public, HTTPS URL and includes proper CORS headers to allow email clients to fetch it. This is a common oversight that leads to non-display. For more information, check our guide on troubleshooting SVG issues.
• DNS TTL settings: Be mindful of DNS Time-To-Live (TTL) settings after making changes, as propagation delays can affect how quickly BIMI updates are recognized by mail servers.
• Accredited CAs: Obtain your VMC from a Certificate Authority that is explicitly accredited by the BIMI Group to ensure its acceptance by email clients. You can find a guide to BIMI accredited certificate providers on our site.

Key findings

• DMARC dependency: The BIMI specification explicitly states that BIMI can only be implemented on domains with a DMARC policy of p=quarantine or p=reject.
• SVG requirements: SVG files must be square, publicly accessible over HTTPS, and meet strict security requirements outlined in the BIMI specification (e.g., no external references, no scripts).
• VMC authentication: A Verified Mark Certificate (VMC) issued by a BIMI-approved Certificate Authority is crucial for domain and logo authentication, ensuring the brand's legitimacy.
• DNS record format: The BIMI record is a TXT record typically located at default._bimi.yourdomain.com, containing the SVG and VMC URLs.

Key considerations

• Adherence to standards: Strict adherence to BIMI specifications for SVG and VMC is necessary for successful implementation and validation across supporting email clients. For details on recommended SVG dimensions, refer to our guide.
• Comprehensive checks: Utilize official and reputable BIMI validation tools to cross-check all components, from DNS entry to SVG and VMC integrity. This helps in validating your BIMI SVG and certificate.
• Logo match: Ensure the logo depicted in the VMC is an exact visual match to the SVG logo used in the BIMI record, preventing authentication failures.
• Public accessibility: The SVG file must be publicly accessible via HTTPS. Inaccessible or insecurely hosted SVG files will prevent BIMI logos from displaying.