What is BIMI (Brand Indicators for Message Identification)?
BIMI, or brand indicators for message identification, is a new industry-developed specification that allows brands to associate their logos with email they send (see example image below). BIMI is the first type of email validation built on standard authentication technologies that gives brand visibility to the sender and the recipient. Aside from publishing a BIMI policy, senders must also pass DMARC and have a sufficient sender reputation in order to use the full capabilities of BIMI.
Let’s take a deeper look at what BIMI is, how it works, and the best ways to implement and utilize it.
How Does BIMI Work?
A BIMI policy is a TXT record that is configured in your DNS records – similar to other forms of authentication. The recipient mailbox provider will look up the BIMI logo file’s hosted location and any information associated with it to verify its authenticity. For BIMI to be used in practice, there are generally three checks that could take place (assuming a BIMI policy is applied and DMARC is passed):
- Volume and reputation – For larger senders, mailbox providers will check the sender’s email volume and reputation to help verify the authenticity of the sender.
- Manually controlled allow list (whitelists) – Because smaller businesses may have a harder time validating through their volume and reputation alone, there are ‘whitelists’ that help validate the authenticity of these senders.
- VMC (Verified Mark Certificate) – This is a validation process that helps further authenticate the logo file in the same way that SSL certificates work: through a purchased and verified certificate. While VMC is an important aspect of BIMI, standardized use of a VMC is yet to be established. For example, at the time of writing this blog, Google will require a VMC, whereas Yahoo! will not.
Once the authenticity of the logo/sender is verified by the mailbox provider, the image will show in the recipient’s inbox with the associated email similar to the example image shown below.
Why is BIMI Important?
BIMI helps organizations gain control over the use of their logo in email. Because it leverages DMARC and additional checks listed above, it will help standardize a more secure, authentic way of sending email. This will hopefully have a ripple effect, giving recipients more trust in their email and therefore fostering higher engagement for senders. But aside from the security standpoint, BIMI helps brands establish more presence in their email through use of their logo. BIMI helps in two ways:
- The additional level of email validation is beneficial as it helps to standardize DMARC and further verify senders, allowing the email recipients to have peace-of-mind when it comes to interacting with the email. This is the first email specification that gives some visibility into authentication to end users.
- It is a marketing advantage as each email from a brand will be associated with the company logo. In the world of marketing, this type of brand recognition and association is extremely valuable.
How Do I Set up BIMI?
To set up BIMI, you will need to have some understanding of email authentication and access to your DNS records. First, you must set up SPF, DKIM, and DMARC before you can set up BIMI. You also must have an SVG file of your logo, as this is the only accepted type of file. Make sure you are up to date with all the latest SVG file requirements for BIMI, as not all standard SVG files will be accepted.
To properly configure your DNS with BIMI, the basic setup is “v=BIMI1; l=imageURL;” as a TXT record for default._bimi.domain which may look something like this:
v=BIMI1; l=https://static.socketlabs.com/logos/2019082000-sl-bimi-logo.svg;
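The setup steps above can be checked before publishing. The following is an added example, not part of the original post: a small offline linter that parses a BIMI TXT record and the domain's DMARC record and flags common gaps. The function names, finding codes, the example.com records, and the check for an enforcing DMARC policy (p=quarantine or p=reject) are assumptions made for this illustration.

```python
from urllib.parse import urlparse

# Record from the page, plus two constructed records for the demonstration.
PAGE_BIMI = "v=BIMI1; l=https://static.socketlabs.com/logos/2019082000-sl-bimi-logo.svg;"
ENFORCED_DMARC = "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"  # constructed
WEAK_BIMI = "v=BIMI1; l=http://example.com/logo.png"                 # constructed


def parse_tags(txt):
    """Split a 'tag=value; tag=value;' TXT record into a dict."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)  # split once: URLs may contain '='
            tags[key.strip().lower()] = value.strip()
    return tags


def bimi_record_name(domain, selector="default"):
    """DNS name where the BIMI TXT record is published."""
    return f"{selector}._bimi.{domain}"


def lint_bimi(bimi_txt, dmarc_txt):
    """Return a list of finding codes; an empty list means nothing was flagged."""
    findings = []
    bimi = parse_tags(bimi_txt)
    if bimi.get("v") != "BIMI1":
        findings.append("bad-version")
    logo = urlparse(bimi.get("l", ""))
    if logo.scheme != "https" or not logo.netloc:
        findings.append("logo-not-https")
    elif not logo.path.lower().endswith(".svg"):
        findings.append("logo-not-svg")
    # a= carries the VMC location in the BIMI draft; providers that require a
    # VMC will not display a logo without it, others may.
    if not bimi.get("a"):
        findings.append("no-vmc")
    dmarc = parse_tags(dmarc_txt)
    if dmarc.get("v") != "DMARC1":
        findings.append("dmarc-missing")
    # Assumption beyond the page: BIMI expects an enforcing DMARC policy.
    elif dmarc.get("p", "none").lower() not in ("quarantine", "reject"):
        findings.append("dmarc-not-enforced")
    return findings


if __name__ == "__main__":
    print(bimi_record_name("example.com"), lint_bimi(PAGE_BIMI, ENFORCED_DMARC))
    print(lint_bimi(WEAK_BIMI, "v=DMARC1; p=none"))
```

The linter only inspects record syntax; it does not fetch the logo or validate the SVG profile or the certificate itself.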
The Future of Email Security
BIMI is still a new email practice that has yet to be fully established or standardized across the industry. And while the end goal will likely remain, the way it is accomplished will likely change as new practices, protocols, and ideas help further establish BIMI and its use in the industry.