Brand Indicators for Message Identification (BIMI) is an emerging email authentication standard that allows companies to display their verified brand logo next to emails in subscribers' inboxes. Implementing BIMI can significantly boost brand recognition, increase trust, and improve email engagement. This comprehensive guide will walk you through the prerequisites, setup process, and best practices for successfully implementing BIMI in your email marketing strategy.
Understanding BIMI: What It Is and How It Works
BIMI is a visual indicator that appears next to an email sender's name in the inbox, providing an instantly recognizable logo to help recipients identify legitimate emails from trusted brands. When an email is received, the recipient's email client checks for a BIMI record in the sender's DNS and displays the verified logo if all authentication checks pass.
The following diagram illustrates the basic flow of how BIMI works to display a brand's logo in the inbox:
- The sender publishes a BIMI record in their DNS, specifying the location of their verified logo.
- The sender sends an email to the recipient.
- The recipient's email client checks for the presence of a BIMI record and validates the sender's email authentication (SPF, DKIM, DMARC).
- If all checks pass, the email client displays the verified brand logo next to the sender's name in the inbox.
Prerequisites for Implementing BIMI
Before you can set up BIMI for your domain, there are several prerequisites you must have in place:
1. Authenticated Email with SPF, DKIM, and DMARC
Your domain must have properly configured SPF, DKIM, and DMARC records to prove ownership and prevent spoofing. Ensure your DMARC policy is set to quarantine or reject to be eligible for BIMI.
2. SVG Logo Meeting BIMI Guidelines
You need a square SVG logo that meets the BIMI guidelines, including size, formatting, and content restrictions. The logo should be clear, recognizable, and free of any text or extraneous elements.
3. Verified Mark Certificate (VMC)
A Verified Mark Certificate is a special type of SSL certificate that proves ownership of your logo and allows it to be displayed in email clients. You'll need to obtain a VMC from a certified issuer like Entrust or DigiCert.
The following diagram shows how these prerequisites fit together to enable BIMI:
Step-by-Step Guide to Setting Up BIMI
Once you have the prerequisites in place, follow these steps to set up BIMI for your domain:
Design a square SVG logo that adheres to the BIMI guidelines. Ensure it is sized between 112x112 and 512x512 pixels, uses RGB colors, and does not contain any text or complex elements. Validate your logo using the official BIMI SVG validator.
Apply for a Verified Mark Certificate from a trusted issuer like Entrust or DigiCert. You'll need to provide proof of your organization's identity and ownership of the logo. The issuer will validate this information and issue a VMC, which is a special type of X.509 certificate in PEM format.
| Certificate Issuer | Website |
|---|---|
| Entrust | https://www.entrust.com/digital-security/certificate-solutions/products/digital-signing/verified-mark-certificates |
| DigiCert | https://www.digicert.com/verified-mark-certificates |
Host your BIMI-compliant SVG logo on a public HTTPS URL. This can be on your own web server or a third-party hosting service. Ensure the URL is accessible and properly secured with a valid SSL certificate.
Create a BIMI record for your domain and publish it in DNS. The BIMI record specifies the location of your SVG logo and the Verified Mark Certificate. It should look something like this:
default._bimi.[yourdomain.com]. IN TXT "v=BIMI1; l=https://[yourlogo.url]/logo.svg; a=https://[yourvmc.url]/vmc.pem;"Replace [yourdomain.com], [yourlogo.url], and [yourvmc.url] with your actual domain name, logo URL, and VMC URL respectively.
Once your BIMI record is published, test and validate your setup using tools like the BIMI Record Generator and Validity BIMI Lookup Tool. Send test emails to supported providers like Gmail to ensure your logo appears correctly in the inbox.
This diagram summarizes the key steps in the BIMI setup process:
Best Practices for Effective BIMI Implementation
To get the most out of BIMI, follow these best practices:
Keep Your Logo Simple and Recognizable
Use a clean, bold design that is easily identifiable at small sizes. Avoid intricate details or text that may not be legible in the inbox.
Maintain Consistent Branding
Use the same logo across all your authenticated email channels to build brand recognition and trust with subscribers.
Monitor and Enforce Your DMARC Policy
Regularly check your DMARC reports and maintain a quarantine or reject policy to protect your domain from unauthorized use and ensure BIMI eligibility.
Keep Your VMC and SSL Certificates Up to Date
Renew your Verified Mark Certificate and SSL certificates before they expire to avoid any disruptions in your BIMI display.
This diagram illustrates how these best practices contribute to a successful BIMI implementation:
Troubleshooting Common BIMI Issues
If you encounter problems with your BIMI setup, here are some common issues and solutions:
If your logo isn't showing up in the inbox, check the following:
- Ensure your BIMI record is formatted correctly and properly published in DNS.
- Verify your SVG logo meets all the BIMI guidelines and is accessible at the specified URL.
- Check that your VMC is valid and properly hosted.
- Confirm your DMARC policy is set to
quarantineorreject.
If your BIMI record is invalid, check for these common mistakes:
- Missing or incorrect tag values (v=BIMI1, l=, a=)
- Invalid or inaccessible logo URL
- Invalid or inaccessible VMC URL
- Syntax errors in the record format
Use the BIMI Record Generator to create a properly formatted record.