Brand Indicators for Message Identification (BIMI) provides a standardized approach for businesses to integrate their emblem, acting as a discernible sign that helps email recipients distinguish and avoid deceptive emails. BIMI leverages the DMARC email verification protocol to foster trust with existing and future customers. To explore the newly established BIMI standard, follow this link.

Why is BIMI important?

BIMI is a new standard that allows brands to display their logo in the inbox. It is a visual indicator that the email is legitimate and not a phishing attempt. BIMI is a new standard that allows brands to display their logo in the inbox. It is a visual indicator that the email is legitimate and not a phishing attempt. BIMI is a new standard that allows brands to display their logo in the inbox. It is a visual indicator that the email is legitimate and not a phishing attempt.

What are DIMI records composed of?

BIMI records are TXT DNS records composed of two tag-value pairs: v and l.

  • The v tag-value pair is mandatory and must be v=BIMI1.
  • The l tag-value pair is also mandatory and must be l=URL, where URL is the URL of your logo. The URL must be an HTTPS URL.

In practice this looks like so:

Use our BIMI record generator to create your own record or follow the steps below.

BIMI image requirements

Your BIMI logo image should be an SVG (Tiny1.2 format). It should also meet the following requirements:

  • Have a square aspect ratio
  • Have centered logo
  • Have solid color background
  • No greater than 32 kilobytes

DMARC requirements

To be eligible for BIMI, you must have a DMARC policy of quarantine or reject (you cannot set your p value to ) and a percentage of 100. If you don't have a DMARC policy, you can use our DMARC record generator to create one. It should look something like this:

Crafting a BIMI Record in a hosting provider

Below, we provide a step-by-step guide on producing a BIMI record for your domain:

  1. Prepare Image in SVG Format The first step involves acquiring a version of your logo and transmuting it into SVG format. To understand how to do this, click here.

  2. Access DNS Hosting Provider and Choose Create Record Once you're set to establish a BIMI record for your domain, head over to your DNS hosting provider. After signing in, find the option to create a new record.

  3. Enter Host Value Here, you'll typically add the value _bimi, and the hosting provider will supplement the domain/subdomain following that given value (e.g.,

  4. Pick TXT DNS Record Type Depending on your provider, you'll probably notice a list of DNS record types in a dropdown menu. Since a BIMI record is a subtype of TXT DNS record, ensure to pick the "TXT" alternative.

  5. Fill in the "Value" Information Two obligatory tag-value pairs MUST be incorporated in every BIMI record: v and l.

  • The only tag-value pair for v (version) is v=BIMI1
  • Verify the l (location) tag is present and succeeded by a complete URL of your logo using HTTPS (l is a lowercase L)
  1. Launch BIMI Record Press the “Save Record Set” button to generate your novel BIMI record.

  2. Check BIMI Record for Mistakes Finally, you'll want to Run a BIMI Record Check to confirm the record you've just made has the correct values and syntax. This tool will also visualize how your logo will display in email clients.

Do note that producing and publishing your BIMI record on the DNS following the steps above won't immediately showcase your logo in all customer inboxes. As of now, several Oath brands (Yahoo!, AOL, etc.) are evaluating the BIMI standard in beta with their mailbox users. Gmail also planned their beta test of the BIMI standard in 2020. By having your BIMI record and corresponding logo published on the DNS, your brand will be easily identifiable and trustworthy to current and future clients. For further information on all BIMI technical specifications, please click here.

Setup BIMI in G Suite

To configure BIMI in G Suite, you must first create a BIMI record in your DNS. The BIMI record is a TXT record that contains the location of your logo. The BIMI record must be named, where is your domain name. The value of the TXT record must be v=BIMI1; l=URL, where URL is the URL of your logo. The URL must be an HTTPS URL.

Note Gmail has specific requirements for BIMI. To facilitate BIMI, adhere to these specific values in your DMARC policy:

Your policy's setting (p) should be either on 'quarantine' or 'reject'. BIMI is incompatible with DMARC policies having the 'p' option configured to 'none'. The 'percent' setting (pct) should be assigned the value of 100. This means your DMARC policy will cover all outgoing email (100 percent) from your domain. For comprehensive guidance on setting up your DMARC policy, consult the relevant documentation.

Creating BIMI records in AWS Route 53

If you use SES or AWS cloud you probably want to create BIMI records in AWS Route 53. Here is a step-by-step guide on how to do it using terraform:

Configure BIMI record in Digital Ocean

If you use Digital Ocean as your DNS provider, you can create a BIMI record using the following steps using terraform:

In this script, the DigitalOcean provider is configured with an API token, which is supplied as a variable. This is more secure than hardcoding it into your script. The digitalocean_record resource is then used to create a TXT record for BIMI.

You can supply the required variables either through a terraform.tfvars file or at the command line. Here is how you might define them in a terraform.tfvars file:

Final Thoughts

Generating a BIMI record to exhibit your company's logo in customers' inboxes is an uncomplicated method to amplify your brand. Not only does it assure existing and potential clients of your emails' authenticity, but it also enhances trust by displaying your approved logo in their inbox. Each time a client receives an email from your domain using the BIMI standard, at least three unique brand impressions are created — message list, email address in message, and within the message itself. The sooner your enterprise opts for BIMI (when available via your outbound email provider), the more recognizable your brand will be.

In light of the rising number of harmful online assaults, the necessity to shield your personnel from falling prey to email scams cannot be overly emphasized. As email is crucial to your company's fiscal success, having the most effective defense against phishing and spoofing attacks not only elevates your brand reputation but also fortifies customers' faith in your business.