Email Security (DMARC+)

What is BIMI?

What is BIMI?

What is BIMI?

BIMI (Brand Indicators for Message Identification) is an email standard that displays your organisation's verified logo directly in the inbox — before the recipient even opens the email. It's the visible reward for completing full email authentication.

Think of it as the verified badge for your email domain.

How BIMI works

  1. Your domain must have DMARC at p=quarantine or p=reject
  2. You publish a BIMI record in DNS pointing to your logo file
  3. You obtain a Verified Mark Certificate (VMC) from an accredited authority (DigiCert, Entrust)
  4. Supporting email clients (Gmail, Yahoo Mail, Apple Mail, Outlook) display your logo next to every email from your domain
default._bimi.yourdomain.com  TXT  "v=BIMI1; l=https://yourdomain.com/bimi-logo.svg; a=https://yourdomain.com/vmc.pem"

Why BIMI matters

For recipients:

  • Instantly recognise legitimate email from your organisation
  • Higher trust → higher open rates (studies show 10–15% improvement)
  • Harder for attackers to convincingly impersonate your brand — they can't get your verified logo

For your organisation:

  • Brand visibility in every inbox without any ad spend
  • Signal to recipients that your email security is enterprise-grade
  • Differentiator — most organisations haven't completed the authentication journey yet

BIMI requirements

Requirement Details
DMARC enforcement p=quarantine or p=rejectp=none is not sufficient
Logo format SVG (Scalable Vector Graphics), square aspect ratio, specific formatting requirements
VMC (Verified Mark Certificate) Issued by an accredited Certification Authority — proves you own the trademark
BIMI DNS record Published at default._bimi.yourdomain.com

Getting a VMC

A Verified Mark Certificate (VMC) is required by Gmail and other major providers to display the logo. The process:

  1. Register your trademark — the logo must be a registered trademark (or pending registration in some cases) in your jurisdiction
  2. Apply through DigiCert or Entrust — these are the two accredited VMC issuers
  3. Provide proof of trademark — the CA verifies your ownership
  4. Receive and install the VMC — a PEM certificate file hosted on your website

VMC cost is typically $1,000–$1,500/year and takes 2–4 weeks to issue.

Logo requirements for BIMI

  • Format: SVG Tiny 1.2 (a specific SVG subset)
  • Shape: Square (1:1 aspect ratio)
  • Background: Must have a filled background (transparent backgrounds are not supported)
  • Size: No minimum file size requirement, but keep it optimised

Most organisations need their design team to export a BIMI-compliant version of their logo. Tools like BIMI Inspector can validate the SVG before you publish.

Is BIMI right for you now?

Situation Recommendation
DMARC at p=none Focus on authentication first — BIMI requires enforcement
DMARC at p=quarantine or p=reject Ready to start the BIMI process
No registered trademark Start the registration process — BIMI isn't available without it
High email volume (B2C) High ROI — your logo will appear in millions of inboxes
Low email volume (B2B) Still valuable for brand trust, but lower volume impact