BIMI works by allowing brands to publish a BIMI record in the Domain Name System (DNS) that specifies the location of their logo. When an email is received from a domain that has a valid BIMI record, the mailbox provider can display the brand's logo next to the email in the client.
BIMI, which stands for Brand Indicators for Message Identification, is a standard that aims to enhance email security and trustworthiness by displaying brand logos next to authenticated emails in users' email inboxes.
How do DMARC, BIMI and Verified Mark Certificates (VMCs) Work Together?
- BIMI builds up on existing email authentication protocols like SPF, DKIM and DMARC. With proper configuration of the before-mentioned protocols you ensure DMARC compliance for the outbound emails and upon achieving a DMARC policy of quarantine (100%) and reject you can proceed with BIMI configuration.
- The logo associated with BIMI should be saved as a version of the Scaled Vector Graphic (SVG) format and have a minimum size of 512 pixels x 512 pixels.
- The VMC certificate is a digital certificate proving you are legally allowed to use the brand logo you intend to use for your BIMI record. That means your brand logo needs to be a registered trademark. This is a crucial part of the BIMI email security process, ensuring only authorized entities can use specific brand logos.
Email service providers (such as Gmail, Yahoo Mail, etc.) will check for the BIMI record in the DNS when they receive an authenticated email from a domain that supports BIMI. If the BIMI record is found and valid, the provider will show the sender's logo alongside the email in the recipient's inbox.