BIMI
SHOWCASE YOUR BRAND
BIMI
Brand Indicators for Message Identification

AUTHENTICATE YOUR EMAIL WITH YOUR OWN LOGO with BIMI
Creating a BIMI Record
The following steps will guide you through the process of creating a BIMI record for your domain:
1. Obtain a copy of your brand logo and convert it to SVG format. The image must be a squared logo that does not contain any extra text.
2. Go to the DNS hosting provider and select ‘Create Record’.
3. Add host value. You will probably enter the value _bimi and the hosting provider will append the domain/subdomain following that provided value.
4. Select the ‘TXT’ option from the dropdown list of DNS record types.
5. Add ‘Value’ information.
6. Click the ‘Save Record Set’ button to generate a new BIMI record.
7. Run a BIMI record check to verify the record you just created has the correct values and syntax.
AUTHENTICATE YOUR EMAIL WITH YOUR OWN LOGO
Getting ready for BIMI Implementation
1. Implement DMARC authentication on all emails
BIMI can be used by organizations that have a DMARC policy in place. By checking their DMARC record using the EmailAuth DMARC record checker, it can be determined whether DMARC has been enforced or not. In addition, check email headers at Gmail, Microsoft, or Verizon Media. The DMARC policy (p=) should be configured as ‘quarantine’ or ‘reject’.
2. Choose the logo that will be visible to subscribers in their inboxes
SVG images are supported by BIMI. The image must be a square logo that does not contain any extra text. The URL should be provided in the DNS TXT record, and the logo should be stored in HTTPS.
3. Choose a Visual Mark Certificate (VMC)
Visual Mark Certificates (VMC) are not yet available to the general public. Most mailbox providers will need the VMC to display the BIMI logo.
4. Track the effects of the BIMI implementation
It is a good idea to keep track of the outcomes of the BIMI installation. Click-through and/or open rates can be monitored too.

SECURITY & BRAND VISIBILITY
BIMI Leverages DMARC!
For your Brand Logo to be placed on an email, it should be passing DMARC authentication checks that makes sure that your email is not impersonated. This will bring immense trust amongst your customers as they know if the email has your logo, it's from you and not another scam!
How does BIMI work?
Brands can simply publish their BIMI record and as long as their DMARC is in enforcement mode, their brand/logo will appear as an icon inside user's mailboxes.
Why should I implement BIMI?
It is important to know that BIMI in itself is not a security solution, but requires strong use of email authentication. It allows you to feature and showcase your brand/logo on all major mailbox providers every time you send an authenticated email.
How do I implement BIMI?
Check the following things before implementing BIMI:
- Authenticating all your emails using SPF, DKIM and DMARC with proper alignment.
- Ensure your DMARC is on "reject" or "quarantine" policy.
- Publish a BIMI record in your DNS with Verified Mark Certificate (VMC).