What is BIMI?

What is BIMI?

BIMI stands for Brand Indicators for Message Identification. It is a relatively new technology that uses DKIM, SPF, and DMARC enforcement to verify an email’s sender and show the brand’s logo next to its emails in subscribers’ inboxes.

While it isn’t strictly a means of email authentication, BIMI plays a role in enhancing email security. By implementing BIMI, you provide your email recipients with the added reassurance that an email is truly from the brand it claims to be from.

How does the BIMI email security protocol work?

Very simply put, BIMI Brand Indicators are small icons that appear next to the names of email senders in the recipient’s inbox when the BIMI process has verified that the email is truly from the sender it claims to be from.

The BIMI process consists of multiple steps:

• First, the email goes through the DMARC, DKIM, and SPF authentication protocols.
• If the email is authenticated by these protocols, the recipient’s email service will check to see if there is a valid BIMI record attached to the email. BIMI records are similar in format to SPF records. They are TXT files that need to be published on the DNS to be functional.
• If the email has a valid BIMI record, the recipient’s email server will validate that record and display the brand’s logo next to its email.

That’s not all, though. BIMI requires brand logos to have the SVG Tiny Portable/Secure format. It cannot display JPGs, PNGs, or GIFs.

At the time of writing, there are still some differences in how various email clients handle BIMI, and not all email providers offer BIMI support just yet. But if they do, the above process is always true.

The Verified Mark Certificate: a not-so-optional extra

Some email service providers (ESPs), including Gmail, require an additional piece of validation for BIMI implementation called a Verified Mark Certificate (VMC). This is a digital certificate proving you are legally allowed to use the brand logo you intend to use for your BIMI record. That means your brand logo needs to be a registered trademark. This is a crucial part of the BIMI email security process, ensuring only authorized entities can use specific brand logos.

Once you have the documentation to prove that your logo is, in fact, your official logo, you can request the certificate and proceed through the BIMI process.

Since your subscribers will probably use a wide range of email clients, getting the VMC is the safest way to go.

Which mailbox providers support BIMI?

At the time of writing, some of the more popular email mailbox providers that support BIMI include:

• Gmail
• Yahoo Mail (but not Yahoo Japan)
• Aol Mail
• Fastmail
• Netscape
• Apple* (*Apple only offers BIMI support from iOS16 and MacOS Ventura onward)

Unfortunately, Microsoft mailbox providers such as Outlook and Office 365 don’t support BIMI and Microsoft hasn’t yet announced plans to change that.

If your recipients are using email clients that support BIMI and you’ve implemented BIMI correctly, they’ll see your brand logo appear next to your emails in their inboxes.

While not all email providers offer BIMI support yet, BIMI is becoming increasingly important.

With Apple now supporting the BIMI email protocol, it’s now possible for 90 percent of consumers to see brand logos in their inboxes.

Why is BIMI so important for email marketers?

BIMI is not just a fancy email add-on, it is a strategic move to enhance your email marketing. As seeing brand logos in the inbox becomes more and more common, you don’t want to be the one blank space amidst a sea of colorful senders. However, implementing BIMI is not just a matter of hopping on board an accelerating train. There are some real benefits for your business to reap.

BIMI:

• Helps improve your email security
• Increases brand recognition and consumer trust
• Makes your email messages stand out in your recipient’s inbox

BIMI leverages behind-the-scenes security updates

Because BIMI requires an enforced DMARC policy, email senders need to implement each authentication protocol to use it. This better ensures you’re doing everything possible to protect your brand and your email recipients.

BIMI helps subscribers avoid phishing attempts

Over time, email marketers and other industry experts hope subscribers will view BIMI as a trust indicator and thus will be able to distinguish legitimate mail from dangerous phishing emails.

BIMI makes your messages stand out

On top of boosting brand visibility, having your brand’s logo appear in subscribers’ email inboxes also improves your brand recognition, which in turn helps improve your open rates. After all, recipients are more apt to open email messages from senders they trust.

Lastly, even if subscribers don’t instantly open your emails, they’ll still see your logo, keeping your brand top of mind when they’re looking to make purchases.

BIMI enables brand-controlled logos

BIMI brand indicators change that. They allow you to communicate what your official logo is and have that logo displayed by supporting email clients.

How to prepare for BIMI

BIMI requires proper SPF, DKIM, and DMARC enforcement. But it’s not enough to simply have all three protocols in place.

That especially applies to DMARC. To be able to use BIMI, you need a DMARC policy of either p=quarantine or p=reject. The former tells mail servers to send emails that fail DMARC to spam, and the latter blocks these emails from being delivered entirely.

If you have a DMARC policy of p=none (in which mail servers are instructed to not do anything with emails that fail DMARC), BIMI won’t work.

In other words, implementing DMARC properly, so that it protects recipients against malicious senders, is key for BIMI adoption.

How to implement BIMI

Create your BIMI brand logo image

As mentioned above, the image also can’t have just any type of file format. You’ll need to create or save it as SVG Tiny Portable/Secure or convert it to that format.

Once you have an image that follows all BIMI guidelines, the SVG file must be published via HTTPS before you can reference it in your BIMI record. Save the https:// URL of your BIMI file so you can use it to create your BIMI DNS record.

Update your DNS records

If you aren’t versed in code, Validity offers a BIMI Wizard to create it for you so you can publish it on the DNS.

And if you have a VMC, you’ll also want to include it in your BIMI record.

To make sure you’ve set everything up correctly, you can use AuthIndicators Group’s BIMI Inspector.

FAQ

Does BIMI impact deliverability?

Yes, as BIMI works with and alongside DMARC, DKIM, and SPF to verify the sender of an email, implementing BIMI can help improve your deliverability.

Why isn’t my BIMI logo populating?

If the above looks fine, it’s also possible that your recipient isn’t using a mail client with BIMI support.

Why are my BIMI-enabled emails sent to spam?

This is likely an issue with your email authentication rather than your BIMI setup. First, confirm that your SPF and DKIM policies are configured properly. Once you’re sure those are correct, move on to your DMARC record. Is it working the way it should?

If it is, ensure your policy is set to either quarantine or reject. Also confirm that your percent option is set to 100, meaning your DMARC policy is applicable to 100 percent of your mail.

BIMI is the next step to winning attention in your subscribers’ inboxes

With the emerging email specification BIMI, you’re able to have email clients display your official logo in your recipient’s inboxes.

This boosts your brand recognition and helps build trust as recipients are assured that emails displaying your logo are truly coming from your brand.

For expert assistance with BIMI, check out Validity Everest. This email success platform can confirm your SPF and DKIM policies are aligning and your mail is traveling smoothly to the inbox, but it also provides the tools you need to monitor the performance of your authentication policies.