BIMI is an abbreviation for Brand Indicators for Message Identification. It is a standard that adds your company’s logo to verified email communications. The key goal is to make your presence known in the recipient’s inbox and to instill trust in the communications you send. This will not only improve your exposure and recognition but is also meant to prevent fake emails and improve email delivery. This is another aspect of establishing trust with your clientele. More trust results in fewer unsubscribe requests and spam complaints.

This enhancement to the subscriber experience will help raise open rates and engagement with your communications. Which, you guessed it, enhances email deliverability. As a result, BIMI allows senders to control how their brand is represented in their various email authentications.

What’s New with ‘BIMI’?

With the objective of improving the ecosystem for everyone, BIMI allows companies to transmit their logos with email communications to billions of inboxes around the world, enhancing customer engagement and brand trust. To display the brand’s logo, the email must pass DMARC authentication tests to ensure that the organization’s domain has not been impersonated. BIMI gives a visual indicator to the receiver that the email has been verified and the sender is not fake by showing the sending company’s logo next to an email.

If BIMI is broadly implemented, fraudsters will have a hard time impersonating brands via email. While it may be difficult for the ordinary user to spot a well-crafted spoof domain, the absence of a brand logo in an email will become an instantly apparent red flag over time.  BIMI enhances customers’ capacity to recognize communications delivered by a brand, safeguarding them by making it easier to detect messages that are not real. The architecture of BIMI makes it especially helpful for high-risk enterprises like banks, social media platforms, and huge retailers.

State of Affairs at the Moment 

BIMI is not yet supported by all mailbox providers. However, with a few major names already on board, it won’t be long until they do. This is the current situation of the field:

 Verizon Media Group: Yahoo, AOL, Netscape (BIMI Supported)

Gmail: Gmail, Google Workspaces (BIMI Supported)

Fastmail: Fastmail, Pobox (BIMI Supported)

Yahoo: Pilot publicly available with no VMC requirement (right now)

AOL: Pilot publicly available with no VMC requirement (right now)

 Netscape: Pilot publicly available with no VMC requirement (right now)

Comcast: In the planning stages

Microsoft: No BIMI support

Getting Ready for BIMI

There are two important factors that should be considered before deploying BIMI:

  • Have a DMARC policy configured (set to either p=reject or p=quarantine)
  • Maintain a good reputation as a sender (via a high engagement rate with low bounce and spam complaints)

Having set DMARC’s underlying technologies, Sender Policy Framework and DomainKeys Identified Mail inform the world that a business is concerned about the reputation of its domain, which increases brand reputation as a sender, despite the subjective nature of reputation. DMARC is a fundamental security protocol that will serve as the foundation for future domain security initiatives.

How Does BIMI Work?

BIMI is a text record that is stored in a company’s DNS entries on its transmitting servers. When an email is sent, the recipient’s inbox provider does a DNS query to get the BIMI text record for the sending organization. The location of the organization’s logo is included in this BIMI text item.

More information may be found in the article How to Create a BIMI Record.

To use BIMI, an organization must already be set up using SPF or DKIM, as well as DMARC. While these requirements keep a domain from being impersonated, they do not provide the recipient with a visual indicator that the email sender has been validated. A cryptographically protected emblem will be used to indicate the legality of BIMI-compliant domains, allowing the ordinary end user to readily identify legitimate senders.