Domain owners (brands) publish brand assertions for domains via DNS.
Then, for any email message received by a mailbox provider, the mailbox provider authenticates the message. If the message passes authentication, the mailbox provider queries the DNS for a corresponding BIMI record. If a BIMI record is present, the mailbox provider can use the brand (logo) with the display of that message in the inbox.
NOTE: Each participating mailbox provider has their own criteria for determining when a domain’s BIMI logo may be displayed. Please see the Senders FAQ for more guidance.
Why do I want BIMI?
Linking your brand’s logo to an email is challenging, and there are hundreds of thousands of brand and logo combinations. Without a standardized means of discovering and publishing each brand’s preferred logo, each mailbox provider or email interface (MUA) interested in displaying logos is required to create a unique system for logo management and display. This results in complex, hard to maintain, proprietary systems that frequently leave brands frustrated with the logos associated with their emails. BIMI helps standardize logo display for participating organizations.
BIMI enables brands to have control over the logos displayed with their email. It is important to know that BIMI is not a security solution, in and of itself, although it requires the use of strong email authentication solutions. BIMI allows for mailbox providers to utilize your brand logo to be displayed in their mail interface.
To be used in association with BIMI, the logo must be formatted in a way it is recognizable as associated with the brand, easily displayed at various resolutions, and include characteristics that support verification and security.
The logo must be square, must be saved as a version of the Scaled Vector Graphic (SVG) format. Specifically, the SVG logo must follow the restrictions defined by the SVG Tiny Portable/Secure profile, as authored by the BIMI Working Group. The logo cannot include any <script> tags, should not include any external links, and requires a few manual tweaks to meet size and security requirements.
As the specification continues to be developed some mailbox providers may require that the logo should be focused towards the brand’s legally registered Logo Type, and not include any secondary Word Marks or unregistered marks.
Implementing BIMI can appear challenging to some organizations. Here is a short checklist that should be reviewed before you attempt to implement BIMI:
- Authenticate all of your organization’s emails so that:
- the sending domain passes DMARC,
- the DMARC organizational domain and subdomain policies are set to either “quarantine” or “reject”, and
- the percentage subdomain policy cannot be set to anything less than 100pct.
- Publish a BIMI record for your domain in DNS which:
- points to the logo indicator in SVG format to be used, and/or
- a Verified Mark Certificate (VMC) for those receivers that require it.
It’s not a long list, however verifying your email authentication to publish an enforcement level DMARC record can take some time and effort to get right.