VerifyBIMI
Back to the converter /

What is BIMI, and should your brand care?

If you have noticed company logos starting to appear next to emails in some inboxes, that is not an accident. It is usually the result of BIMI.

BIMI stands for Brand Indicators for Message Identification. It is an email specification that allows verified brands to display their official logo in supported email clients. The goal is simple: make it easier for people to recognize legitimate email and harder for attackers to impersonate trusted brands.

This guide explains what BIMI is, why it exists, how it works at a high level, and when it is worth the effort.

What is BIMI?

BIMI is an email standard that ties brand logos to strong email authentication. It is not an authentication protocol itself, but it depends on authentication being done correctly.

When BIMI is set up properly, mailbox providers that support it may show your brand’s logo next to your messages in the inbox or message view. This only happens after the provider confirms that the email is authenticated and authorized by your domain.

In short, BIMI turns email authentication into a visible trust signal.

Why BIMI exists

Email spoofing is a persistent problem. Attackers routinely send messages that look like they come from well-known brands, banks, and online services. This hurts recipients, but it also hurts mailbox providers when users lose trust in their inbox.

DMARC was created to stop this, but adoption has been slow. Many domains publish DMARC records without enforcing them, which limits their effectiveness.

BIMI was introduced as an incentive. If a brand enforces strong authentication, it becomes eligible to display its logo in supported inboxes. The logo is the reward, but the real benefit is stronger protection against spoofing.

Email authentication requirements

To be eligible for BIMI, a domain must already have email authentication in place:

DMARC enforcement means using either p=quarantine or p=reject. A policy of p=none is not sufficient for BIMI, since it does not instruct mailbox providers to take action against unauthenticated mail.

What is a BIMI DNS record?

BIMI is enabled through a DNS TXT record, similar to SPF, DKIM, and DMARC. The BIMI record tells mailbox providers where to find your official logo file. The logo itself is hosted at a publicly accessible URL and referenced from DNS.

At a high level, the record does one thing: it points to the SVG file that represents your brand.

Publishing the BIMI record is typically one of the final steps, after authentication and logo preparation are complete.

BIMI logos and SVG requirements

BIMI logos must be provided as SVG files using the SVG Tiny 1.2 format. This format is intentionally restrictive and designed to be safe for email clients to render.

Not all existing SVGs are compatible. Logos often need to be simplified, flattened, and cleaned up to meet the specification. This is one of the most common stumbling blocks during BIMI setup.

Verified Mark Certificates (VMCs)

Some mailbox providers require a Verified Mark Certificate before displaying a BIMI logo. A VMC is a certificate that confirms the brand has legal rights to the logo being displayed. It is issued by an approved certificate authority and typically renewed annually.

Not all mailbox providers require a VMC, but some use it as a strong signal of brand legitimacy. Whether a VMC is required depends on where your audience primarily reads email.

Which mailbox providers support BIMI?

BIMI support is growing, but it is not universal. Currently, BIMI is supported by several major mailbox providers, including Gmail, Yahoo, AOL, and Fastmail. Support in other clients may vary, and requirements such as VMCs differ by provider.

Some widely used email clients do not yet display BIMI logos. That does not prevent you from implementing BIMI, but it is worth setting expectations internally about where logos will and will not appear.

High-level BIMI setup process

At a high level, setting up BIMI involves the following steps:

Even after everything is correct, it can take time for logos to appear consistently.

Does BIMI affect deliverability?

BIMI is not a deliverability feature by itself. Mailbox providers do not promise better inbox placement just because BIMI is present.

That said, BIMI depends on strong authentication and enforcement. Those factors do contribute to sender reputation and protection against abuse. Over time, that can indirectly support healthier deliverability.

BIMI may also improve engagement. Recognizable logos can increase trust and help messages stand out, which can lead to higher open rates.

Is BIMI worth it for your brand?

BIMI tends to be most valuable for brands that are frequently targeted by impersonation, such as financial services, large consumer brands, marketplaces, and SaaS platforms.

Smaller organizations can also benefit. Spoofing is not limited to big brands, and attackers often target smaller companies with weaker security controls.

If you already have SPF, DKIM, and enforced DMARC, BIMI can be a logical next step. If you do not, those basics should come first.

FAQ

What is BIMI?

BIMI is an email standard that can display a brand’s verified logo in supported inboxes, but only after strong email authentication is in place and enforced.

What DMARC policy do you need for BIMI?

DMARC must be enforced with p=quarantine or p=reject. A policy of p=none is not sufficient for BIMI eligibility.

What format does a BIMI logo need to be?

BIMI logos must be an SVG Tiny 1.2 file. Many SVGs need cleanup and simplification to meet the specification.

Do you need a Verified Mark Certificate (VMC)?

Some mailbox providers require a VMC to display the logo. Whether you need one depends on where your audience reads email and which providers you care about most.

Does BIMI improve deliverability?

BIMI is not a direct deliverability feature. It relies on strong authentication, which can indirectly support healthier sending practices over time.