Is BIMI the new frontier for email marketers?

minute read

Post Image

BIMI may allow email marketers to further indicate trust in the inbox with those who receive their emails. It’s important that email marketers understand the potential promise of BIMI while also appreciating the challenges to widespread adoption.

As a very quick refresher, for those who don’t have time to dive into our original blog, BIMI is a visual indicator on an email to indicate to the consumer this message is truly from the brand. The project was started as a means to help motivate brands to authenticate email messages in a strong and secure manner. Think of it as a brand-building reward for organizations following best practices and taking email security seriously.

There are still several moving parts within the BIMI project, including discussions about trust and certification of an image, logo, and brand to prevent anyone from simply creating a BIMI record and putting a logo there. BIMI is the carrot to the authentication stick, helping push greater adoption of stronger records by brands, and to motivate people away from the set-and-forget mentality.

It is important to remember that BIMI is not a trust mark or authentication solution, regardless of how it might be derived. Sure, you’ll need to properly authenticate your email to even qualify to use BIMI, but that’s not the point. BIMI is a way to drive adoption of sending best practices, and particularly authentication solutions like DMARC, DKIM, and SPF.

“Failure to follow emailing best practices harms your deliverability and can result in question marks, phish hooks, or other negative indicators on your messages. But if you do the right thing, you should get more. This is where BIMI shines; through providing impressions and control for brands, and improved security practices for receivers and users in their mailboxes. Everyone wins.” – Seth Blank, chair of the BIMI working group

Which mailbox providers currently use BIMI?

As part of the current beta program for BIMI, Oath (AOL, Yahoo, Verizon, and their partners) is the only major mailbox provider (MBP) running an approved whitelist program displaying the branded logos in their UI and mobile email client. This means you need to do the configuration work and then request to be included. Approval is at the discretion of the team at Oath, and acceptance is not a guarantee. Currently, this program is monitored by several other interested MBPs, but none have launched any type of support for this trial. Microsoft’s announcement of verified indicators for email seems similar, but is currently unrelated to the ongoing BIMI beta, and does not hinge on best practices or authentication.

“We participate in BIMI to create a tool brands can actually control and we on the receiver side can trust, thus improving the experience for our mutual customers.” – Marcel Becker, product manager at Oath

Why should you use BIMI?

Early results from BIMI participants indicate a slight increase in consumer interaction with a brand’s messages when viewed via Yahoo mobile or webmail clients. However, the data is nothing we can share yet, unfortunately, as we need more participants to get a good sense of the true impact. Of course, brands should get ready now to prepare for future participation as more MBPs start to add the functionality into their platforms, and more interest and qualifying applicants might accelerate the adoption of this solution. Thus the chicken meets the egg…adoption leads to support, support leads to adoption.

How can you participate?

Start by reviewing your existing authentication records, for both your marketing and corporate domains.

  • Is SPF set up correctly?
  • Do you DKIM sign your mail?
  • Do you have a DMARC record?
    • Is your policy p=quarantine or p=reject?

If you answered yes the all of the above questions, you may be ready for BIMI. Creating a BIMI record is relatively easy. Here is a sample of the 250ok record:

default._bimi.250ok.com. IN TXT “v=BIMI1; l=https://250ok.com/img/250okLogoMark.svg; a=;”

You can copy this, replace the domain and the logo location with your own and create the required DNS record.

Need more help? Let us know.