FAQs For Senders / ESPs

What is BIMI?

Brand Indicators for Message Identification or BIMI (pronounced: Bih-mee) is an emerging email specification that enables the use of brand-controlled logos within supporting email clients. BIMI leverages the work an organization has put into deploying DMARC protection, by bringing brand logos to the customer’s inbox. For the brand’s logo to be displayed, the email must pass DMARC authentication checks, ensuring that the organization’s domain has not been impersonated.

How does BIMI technically work?

BIMI allows an organization to publish a new, standardized DNS record for a domain they own. This record contains a URL to a logo that may require proof that the logo has been validated with a VMC. An organization will publish a BIMI record containing these URLs. A supporting mailbox provider (MBP) will check the sending domain’s DMARC policy and verify that it is included in the BIMI validation. If both checks are successful, the MBP may use the logo from the URL in the BIMI record to populate the BIMI image of the qualifying email sent from that domain to the MBP.

What is DMARC?

DMARC, which stands for “Domain-based Message Authentication, Reporting & Conformance,” is an email authentication policy and reporting protocol. DMARC defends against unauthorized use of domains by preventing direct domain impersonation within email. It protects brands by ensuring participating mailboxes only receive email actually sent by or on behalf of a domain. More information about DMARC.

What is DMARC Enforcement?

DMARC enforcement represents a particular attribute of a DMARC record “p=”.  This attribute indicates how the record holder authorizes the mail receiver to handle mail that fails DMARC and authentication checks. Enforcement can be “p=quarantine” which indicates failed messages should be quarantined, or “p=reject” which indicates failed messages should be rejected.

What does BIMI have to do with anti-abuse?

BIMI enhances your brand’s value within participating mailboxes, connecting the display of verified logos to the increased protection provided by DMARC enforcement. Building on the improved defense against domain impersonation and related decrease in abuse, BIMI supports increased trust with your brand.

Does BIMI use any technical means to validate the published logo?

To correctly assert logo association to a given message, the current BIMI specification relies on a successful validation of the BIMI record, relative to a sending domain. It is up to the domain and mark owner to reference the correct logo to use in a BIMI record for a domain.

What will my experience as a “Brand” and my customers be?

Compared to senders who do not implement BIMI, your brand logo may appear with your messages. Recipients may better recognize and interact with your messaging by making a visual connection to your brand logo and increase your brand’s engagement through direct customer response. BIMI may potentially improve email opens or clicks, as compared to messages sent without logo impressions in the user’s mailbox.

Does BIMI allow me to support multiple domains and logos?

Currently, BIMI supports one logo for multiple domains and subdomains. BIMI certificates (VMCs) – which some mail systems may require – each only support a single logo, which must be a trademark.

What do I need to do to operationalize BIMI on my end?

Senders will need an email sending domain with a DMARC policy of at least quarantine or reject. Some mailbox providers may require senders to obtain a verified mark certificate (VMC). Senders will need a logo, for which they own the mark, hosted on a URL that follows the specification parameters requirements. The final step is to build a simple BIMI DNS record and publish it to DNS.

Does the display of a logo promote user trust?

BIMI’s strong authentication requirement – DMARC at enforcement – provides brands the opportunity to prevent their domain(s) from abuse, therefore potentially improving trust with their customers. BIMI builds on this foundation of trust and authentication.

We have published our BIMI record; how do we verify it’s working?

Currently, BIMI is only live in production at Yahoo! and is available for viewing in both the webmail and the Yahoo! Mobile application (Google Play, iOS).

To test if your logos are rendering properly, start by sending yourself a message to your @yahoo.com email address and view it in one of these mail clients. If your logo is displaying, your BIMI record is working; however, if you see a set of initials, you’ll need to contact the Verizon mail team for help.

For BIMI assistance directly from the Yahoo team, contact mail-questions@verizonmedia.com with questions.