Browse all topics
All guidesGlossary

BIMI and brand indicators in email

BIMI shows your brand logo next to email from your domain in supported clients. Here's the setup and the prerequisites.

Brand Indicators for Message Identification (BIMI) lets your brand's logo appear next to email from your domain in supported clients — Gmail, Apple Mail, Yahoo Mail, Fastmail, and a growing list. It's both a branding feature and (the more interesting part) a reward for organisations that have done the hard work on email anti-spoofing.

Why BIMI exists

Receiving mail providers want to discourage spoofing — sending mail that claims to be from your domain when it isn't. BIMI gives organisations a visible incentive to deploy strong anti-spoofing controls: do the work on DMARC, DKIM, and SPF, and your brand logo appears next to your emails. Organisations that don't get a generic placeholder.

For recipients, the visible logo is a useful trust signal — "this really is from Acme Corp," not just claims to be.

The prerequisites

BIMI requires:

  1. DMARC at p=quarantine or p=reject with pct=100. p=none doesn't qualify.
  2. SPF and DKIM properly published for all legitimate sending sources.
  3. A BIMI-compliant SVG logo — specific SVG Tiny PS profile, square format, no scripts.
  4. A DNS BIMI record at default._bimi.yourdomain.com.
  5. (For Gmail and Apple Mail) a Verified Mark Certificate (VMC) issued by a participating CA (DigiCert, Entrust). The VMC verifies your trademark ownership.

Without DMARC at quarantine or reject, BIMI is silently ignored.

Setting it up

  1. Verify DMARC posture — if you're still on p=none, finish the DMARC journey first (typically 6–12 months of progressive enforcement).

  2. Prepare the SVG logo — designers may need help producing a BIMI-compliant SVG; tools like the BIMI Group's converter help.

  3. Host the SVG on your own HTTPS endpoint, ideally on a path that's stable and CDN-backed.

  4. Publish the BIMI DNS record:

    default._bimi.yourdomain.com TXT "v=BIMI1; l=https://yourdomain.com/logo.svg; a=https://yourdomain.com/vmc.pem"

  5. Obtain a VMC from a participating CA. The CA validates your trademark ownership and issues a certificate referencing the SVG.

  6. Test by sending mail to recipients on supporting providers (Gmail, Apple Mail). Logo should appear next to your messages.

What it costs

  • VMC — annual fee, typically several hundred USD per year per domain.
  • DMARC enforcement work — internal time, often months.
  • SVG production — designer time.

The hard cost is small; the soft cost is the DMARC journey, which is also valuable on its own.

Common pitfalls

  • DMARC not strict enoughp=none doesn't qualify. BIMI is a reward for actual enforcement.
  • Logo not BIMI-compliant — not every SVG works; verify with the BIMI Inspector tool.
  • VMC not obtained — most major email providers require it; without it, the logo may not appear.
  • DKIM signing missing for some legitimate sending sources — those emails fail DMARC and don't get the logo. Audit and fix.

When to invest in BIMI

  • High-volume marketing senders — every campaign benefits from brand recognition and trust.
  • Customer-service email senders — phishing impersonating your brand is a real threat; BIMI is one anti-phishing signal users see.
  • Brand-conscious organisations — visible brand presence in inbox.

For smaller organisations with limited email volume, BIMI is nice-to-have rather than essential. For anyone sending serious quantities of email, it pairs naturally with the DMARC work that should be happening anyway.