Why isn't my BIMI logo showing in Gmail, despite correct implementation and a VMC?
Matthew Whittaker
Co-founder & CTO, Suped
Published 12 Aug 2025
Updated 17 Aug 2025
6 min read
It can be incredibly frustrating to diligently implement Brand Indicators for Message Identification (BIMI) for your domain, secure a Verified Mark Certificate (VMC), pass all validation checks, and yet still find your logo isn't appearing in Gmail inboxes. This situation is more common than you might think and often points to nuances in the requirements that can be easily overlooked.
Many email senders experience this, especially when dealing with the strict policies of major mailbox providers (MBPs) like Gmail. While a VMC is a crucial step, it's not always a golden ticket for logo display.
Let's explore the key reasons why your BIMI logo might not be showing in Gmail and what steps you can take to troubleshoot these issues.
The critical role of DMARC enforcement
A common point of confusion arises when the DMARC policy for the organizational (root) domain is not set to an enforcement level, even if the sending subdomain's DMARC is correct. BIMI requires a strong DMARC policy of either quarantine (p=quarantine) or reject (p=reject) for both the organizational domain and the RFC5322.From domain of the message. If your organizational domain's policy is p=none, your logo won't display in Gmail, even if your sending subdomain has a stricter policy.
Furthermore, if you are using a quarantine policy, the pct tag, which specifies the percentage of messages to which the DMARC policy applies, must not be less than pct=100. This ensures that all unauthenticated emails are subject to your DMARC policy, which is a key requirement for BIMI. You can find more details on this requirement in the BIMI specification draft.
Changing a DMARC policy for an organizational domain can be a significant undertaking, especially for large companies with many legacy systems and sending sources. It requires a thorough understanding of your email ecosystem to avoid disrupting legitimate email flows. Incremental rollout, starting with a small percentage and gradually increasing, is a recommended approach for safely transitioning to an enforcement policy.
Even with a VMC, Gmail's display of your BIMI logo is heavily influenced by your sender reputation. A poor reputation, due to high spam complaints, blocklist (or blacklist) listings, or inconsistent email authentication, can prevent your logo from showing, regardless of your BIMI and DMARC setup. Gmail wants to ensure only trusted senders display their logos, adding an extra layer of scrutiny. VMCs are not a golden ticket.
Focusing on overall email deliverability and sender reputation is crucial for BIMI success. This involves consistent sending practices, maintaining clean email lists, avoiding spam traps, and monitoring your domain's health. You can learn more about improving your email deliverability and understanding your domain reputation.
Beyond DMARC: other common culprits
Even with a VMC, several technical aspects of your BIMI setup can prevent your logo from displaying. These often involve the SVG file itself, how it's hosted, and its relationship with your VMC.
First, the SVG (Scalable Vector Graphics) file for your logo must adhere to strict specifications, including being square, having a solid background color, and no text or animation. It also needs to be accessible via HTTPS. Crucially, the SVG file's hash (digest) embedded in your VMC must exactly match the hash of the SVG file hosted on your web server. If these do not align, mail user agents (MUAs) will not display the logo, even if all other checks pass. This can happen if the certification authority (CA) uploaded an incorrect version of your logo.
Second, DNS propagation delays can also be a factor. While your BIMI DNS record might appear correct in validators shortly after publishing, it can take up to 48 hours (sometimes longer, especially for large organizations) for these changes to fully propagate across the internet and for various mailbox providers to pick them up.
Common SVG issues
Incorrect format: SVG file is not a square, contains animation, or embedded text.
Inaccessible URL: SVG file is not hosted on an HTTPS server or has incorrect permissions.
VMC mismatch: The hash of the hosted SVG does not match the hash recorded in the VMC. Ensure your BIMI SVG and certificate are in sync.
Best practices for SVG
Use a trusted validator: Verify your SVG file against a reputable BIMI validator before obtaining your VMC.
Self-host SVG and PEM: Host your SVG logo and the PEM file for your VMC on your own web server rather than relying solely on your CA. This gives you more control.
Monitor changes: Regularly check that your hosted SVG and VMC remain consistent, especially after any updates to your logo or certificate.
Verifying your BIMI setup
Thorough verification of your BIMI records is essential. Start by double-checking your BIMI DNS TXT record for any typos or formatting errors. Ensure the v= tag is set to BIMI1, the l= tag points to the correct SVG file URL, and the a= tag points to the PEM file containing your VMC.
Leverage a BIMI validator tool to perform an automated check of your entire BIMI setup, including DMARC, SVG, and VMC. These tools can often pinpoint subtle issues that are hard to spot manually. Pay close attention to any warnings or errors related to your VMC chain, logo accessibility, or digest mismatches.
Also, consider the certificate authority that issued your VMC. Some CAs are more meticulous than others regarding BIMI requirements and the handling of SVG files. Ensuring the integrity of the SVG file uploaded by the CA is paramount. If you suspect an issue, you might need to coordinate with your CA to confirm the exact SVG file associated with your VMC and its hash.
Non-compliant DMARC will prevent logo display, particularly in Gmail.
Sender Reputation
Maintain a consistently good sending reputation. Monitor for spam complaints or blocklist (blacklist) appearances.
Low reputation can override correct BIMI setup, leading to logo suppression by MBPs.
SVG File & Hosting
Ensure SVG is square, accessible via HTTPS, and matches the hash in your VMC. Check BIMI's FAQs for senders.
Incorrect SVG formatting or mismatch with VMC will cause the logo not to display.
DNS Propagation
Allow sufficient time (up to 48 hours or more) for DNS changes to propagate globally after updating your BIMI records or DMARC policy.
Premature checks may show non-display even if the setup is eventually correct.
Advanced considerations and troubleshooting
For very large organizations, transitioning the organizational domain's DMARC policy to quarantine or reject can indeed feel like a monumental task. The perceived cost and potential for disruption often lead to resistance. However, the long-term benefits of robust DMARC enforcement, including protection against email spoofing and phishing attacks, far outweigh the initial challenges. Allowing impersonation and fraud can ultimately be much more costly to the business in terms of reputation and direct financial impact.
It's worth noting that even with a perfectly configured BIMI record and VMC, and a strong DMARC policy, the ultimate decision to display your logo rests with each individual mailbox provider. Their algorithms and policies, which include sender reputation, can influence whether the logo appears. Gmail, in particular, has a reputation for being stringent, often requiring a strong and consistent sending history.
Therefore, ongoing monitoring of your DMARC reports, deliverability metrics, and sender reputation is not just recommended, it's essential. This proactive approach helps identify issues early and ensures your BIMI logo has the best possible chance of consistent display in all supporting email clients.
Views from the trenches
Best practices
Ensure your root organizational domain has a DMARC policy of p=quarantine (with pct=100) or p=reject.
Verify that your SVG logo file is correctly formatted, accessible via HTTPS, and its hash matches the one in your VMC.
Consistently monitor your sender reputation and DMARC reports to maintain high deliverability rates.
Common pitfalls
Overlooking the DMARC policy requirement for the root organizational domain, assuming only the sending subdomain matters.
Relying solely on your Certificate Authority to manage your SVG logo and PEM file, potentially leading to mismatches or outdated files.
Neglecting sender reputation, which can lead to logo suppression by mailbox providers like Gmail, even with a valid VMC.
Expert tips
Implement a phased approach to DMARC enforcement for large organizations to mitigate risks and gain internal buy-in.
Proactively clean up DNS records, removing unused platforms, to avoid hitting the 10 DNS lookup limit for SPF records.
Understand that VMCs are part of the process, but ongoing email deliverability practices are key to consistent BIMI display.
Expert view
Expert from Email Geeks says that DMARC must be set to quarantine or reject, and if using quarantine, the pct value must be 100%. This applies to both the sending domain and the organizational domain.
2024-08-14 - Email Geeks
Marketer view
Marketer from Email Geeks says that they were not informed by their Certificate Authority about the requirement for the root domain's DMARC policy to be at enforcement.
2024-08-14 - Email Geeks
Final thoughts
While obtaining a VMC and correctly configuring your BIMI DNS record are significant achievements, they are only part of the puzzle for consistent logo display in Gmail. The strict DMARC policy requirement for organizational domains, the importance of sender reputation, and meticulous SVG file management are critical factors that often explain why your logo isn't showing up. By addressing these areas comprehensively, you can significantly increase your chances of seeing your brand's logo proudly displayed in Gmail inboxes.
Organizational DMARC Policy
