Display your logo on every email you send with BIMI by OnDMARC

Check if you're BIMI ready with our free BIMI Checker tool

www.yourdomain.com

Implementing BIMI email for your business

The inbox is a battleground for attention, and today businesses need to use every way possible to stand out, increase brand impressions, and improve consumer interaction with the emails they’re sending. Below is some useful information on how to implement BIMI for your business.

What to know before implementing BIMI

To help more businesses get ready for BIMI, we’re covering the 7 things you need to know before implementing it.

How to add your brand logo to email

Everything you need to know in terms of logo requirements for BIMI.

How to create a BIMI-supported SVG file

We go into detail on the first step you need to take to get ready for BIMI.

BIMI FAQs

How does BIMI work?

Similar to SPF, DKIM, and DMARC records, your BIMI record lives in your DNS as a text (TXT) file. When an email you send arrives in the recipient inbox, the recipient server looks this up to check that it’s coming from a verified sender (using DMARC). Once authenticated, the BIMI TXT file informs the recipient server of the logo’s location, and it is then made visible in the recipient inbox.

What is a BIMI record?

A BIMI record is a text (TXT) record that includes your BIMI logo SVG file’s URL.

Here's an example: v=BIMI1; l=https://bimi.entrust.net/redsift.io/logo.svg; a=https://bimi.entrust.net/redsift.io/certchain.pem

How long does it take to deploy BIMI?

The time it takes to deploy BIMI can vary from business to business. Most of the time, it depends on your organization’s size, the complexity of your infrastructure, your DMARC status, and whether you already have your logo trademarked.

To obtain a VMC, your organization’s domain needs to be in p=quarantine at 100% or p=reject. With OnDMARC, this can be achieved in just 6-8 weeks.

BIMI and DMARC requirements

To ensure security and protection for your organization, BIMI can only be implemented on a domain that has a DMARC protection policy of at least p=quarantine, and that policy is at 100%.

DMARC is a protocol that allows domain owners to obtain visibility to email services that are sending on their behalf, and also to block unauthorized senders. DMARC is the only protocol that can prevent illegitimate services from sending on behalf of a domain once that domain is at a policy of quarantine or reject.

DMARC works with existing protocols SPF and DKIM. These protocols need to be configured on your valid email sending services before moving into a DMARC protection policy.

Is BIMI a security standard?

No, BIMI is not a security standard. For a business to be able to use BIMI in line with Google, it must be DMARC compliant. DMARC is a security protocol that protects against exact domain impersonation. When implemented correctly (p=reject), it blocks phishing attacks using your domain, protecting your business, brand reputation, and supply chain. It can also improve your email deliverability and even inbox placement as a result.

It’s vital that we view BIMI as a ‘reward’ for correctly implementing the security protocol DMARC. While the presence of a logo in the email indicates DMARC compliance, it in no way offers domain protection. This is done by the DMARC protocol it sits on.

What is a VMC and why do I need one?

A Verified Mark Certificate (VMC) is the logo certification required for BIMI. It’s issued by a Certification Authority (CA) and works alongside DMARC to enable logo visibility in the inbox. Google has selected just two CAs as eligible to issue VMCs, one of which is our partner Entrust.

To get a VMC, your logo must be trademarked. Having a VMC is an essential part of the puzzle, as without one you won’t be able to become BIMI certified.

What's the difference between BIMI and VMC?

BIMI is the protocol that will enable you to display the logo beside your message.

A VMC (verified-mark certificate) certifies that the logo belongs to the company and that it is a legitimate company. A VMC ties into the BIMI record as a tamper-proof security measure, and by itself won’t do anything.

More on VMC and BIMI certificates

VMC certifications are going to follow the EV framework. Every organization that wants to set up BIMI and display its logo on Google and Apple Mail will have to go through a certification process with a certification provider. The BIMI certification will specify:

Which domains are whitelisted
The logo that the user wants to show

The certification is valid for a year and then will need to be renewed every year.

Why is BIMI important for marketers and businesses?

Any good email marketing strategy will involve tweaking subject lines, cleaning email lists, and curating email content. This is done with the goal of increasing open rates, boosting click-throughs, swerving spam complaints, and keeping bounce rates low. But while these are good practices, it’s likely the widespread adoption of globally-recognized standards like DMARC and the benefits which come with these (such as BIMI) will ultimately make the real difference in keeping our email ecosystem robust for years to come. In early studies we’ve carried out, we found that logo visibility in email does appear to have a positive effect on certain consumer interactions in email.

Which mailboxes support BIMI?

BIMI is supported by Apple, Gmail, Yahoo, and Netscape among others. Outlook currently does not support BIMI.

Display your logo onevery email you send

With BIMI and DMARC you can put your logo on every email you send to boost brand recognition and protect against phishing.

Everything you need to know about BIMI for email

Implementing BIMI email for your business

BIMI FAQs

BIMI is supported by

Check if you're
BIMI ready

Everything you need to know about BIMI for email

Implementing BIMI email for your business

BIMI FAQs

BIMI is supported by

Check if you'reBIMI ready

Check if you're
BIMI ready