What Is BIMI? Brand Indicators for Email Explained

BIMI — Brand Indicators for Message Identification — is an emerging email standard that allows organisations to display their official logo directly in the recipient's inbox, next to the sender name. It is the visual culmination of a complete email authentication stack: SPF, DKIM, and DMARC must all be in place before a single pixel of your logo appears.

What Is BIMI?

BIMI is a DNS-based standard that links a brand's verified logo to their email domain. When a recipient receives an email from a BIMI-enabled domain, their email client retrieves the logo URL from the domain's BIMI DNS record and displays it as the sender avatar. Instead of a generic grey initial or auto-generated icon, recipients see the brand's actual logo — a recognisable, trust-building signal that the email is authentic.

The standard is maintained by the AuthIndicators Working Group, which includes members from Google, Yahoo, Fastmail, and other major email providers.

How BIMI Works

The BIMI display process involves several steps that happen automatically in the background when a supported email client receives a message:

DMARC check — the receiving server verifies that the message passes DMARC with a policy of p=quarantine or p=reject. BIMI does not work with p=none.
BIMI DNS lookup — the receiving server queries the BIMI TXT record at default._bimi.yourdomain.com.
Logo retrieval — the server fetches the SVG logo from the URL in the BIMI record's l= tag over HTTPS.
VMC verification (optional but required by Gmail) — if a Verified Mark Certificate (a= tag) is present, the server validates the certificate against the logo.
Display — the email client renders the logo as the sender avatar in the inbox and message view.

BIMI Is an Incentive for Strong Authentication

BIMI deliberately requires p=quarantine or p=reject DMARC enforcement. This design choice incentivises organisations to complete their full email authentication setup — not just publish a token record. The logo is the reward for doing security correctly.

BIMI DNS Record Format

A BIMI record is a TXT record published at default._bimi.yourdomain.com. Here is an example:

Command

default._bimi.example.com.  IN  TXT  "v=BIMI1; l=https://example.com/logo.svg; a=https://example.com/bimi.pem"

The tags in the record are:

v=BIMI1 — version identifier, always required and always this value.
l= — the HTTPS URL to your SVG logo file (Tiny SVG 1.2 format).
a= — the HTTPS URL to your Verified Mark Certificate (VMC) PEM file. Required by Gmail; optional for some providers.

Requirements for BIMI

Before BIMI will work, all of the following must be in place:

SPF — a valid SPF TXT record authorising your sending sources.
DKIM — a working DKIM key pair, with messages signed and verified correctly.
DMARC at enforcement — a DMARC policy of p=quarantine or p=reject. p=none is not sufficient.
SVG logo in Tiny SVG 1.2 format — the logo must meet specific SVG profile requirements (see below).
Logo hosted over HTTPS — the logo URL must be accessible via HTTPS with a valid TLS certificate.
VMC certificate — required by Gmail and Yahoo for the checkmark badge. Optional for other providers but strongly recommended.

SVG Logo Requirements

The BIMI specification requires your logo to be in SVG Tiny 1.2format — a subset of full SVG designed for constrained environments. Key technical requirements include:

The file must be valid SVG Tiny 1.2 (not SVG 1.1 or SVG 2.0).
The root <svg> element must have the correct SVG Tiny 1.2 namespace declaration.
The image must have a square aspect ratio (1:1).
No raster images (<image> elements) may be embedded.
No scripts, animations, or external references.
The file should be under 32 KB for best compatibility.

Most professional SVG editors (Adobe Illustrator, Inkscape) can export SVG Tiny 1.2. Alternatively, use an online BIMI SVG validator to check compliance before publishing your record.

Standard SVG Files Will Not Work

A standard SVG file — such as one exported directly from Figma or downloaded from a brand kit — is almost certainly not in SVG Tiny 1.2 format. You will need to convert or re-export it specifically to the Tiny 1.2 profile. Use a BIMI SVG validator to confirm compliance before publishing your record.

Verified Mark Certificates (VMC)

A VMC is a digital certificate issued by a Certificate Authority (CA) that cryptographically ties your logo to your domain and confirms that the logo is a registered trademark. It serves as proof that the displayed brand mark is legitimate and not being spoofed.

VMCs are currently issued by two CAs: DigiCert and Entrust. The process involves:

Providing proof of a registered trademark for your logo in at least one jurisdiction.
Submitting your SVG Tiny 1.2 logo to the CA for validation.
Completing identity verification for your organisation.
Receiving the VMC (a PEM file) and hosting it at a stable HTTPS URL.

VMCs are not free — expect costs in the range of a few hundred dollars per year. Some providers, such as Yahoo Mail, display BIMI logos without requiring a VMC, but Gmail requires one to display the verified checkmark badge.

Supported Email Clients

BIMI support varies by email client. As of early 2025, the following support BIMI display:

Email Client / Provider	BIMI Support	VMC Required?
Gmail (web and Android)	Yes — verified checkmark badge	Yes
Yahoo Mail	Yes	No (but recommended)
Apple Mail (iCloud)	Yes (partial)	Yes
Fastmail	Yes	No
Outlook / Microsoft 365	Not yet (in testing)	N/A

Business Benefits of BIMI

BIMI delivers measurable value beyond the technical satisfaction of a complete email authentication stack:

Increased open rates — studies from brands that have deployed BIMI report open rate improvements of 10–21%. A recognisable logo in the inbox reduces uncertainty about the sender's identity.
Brand recognition — consistent logo display reinforces brand identity with every email sent, without any additional marketing spend.
Anti-phishing signal — recipients learn that emails with your logo have been verified. Spoofed emails — which cannot pass DMARC — will not show the logo, making phishing attempts more visually obvious.
Improved deliverability — completing DMARC enforcement (a prerequisite for BIMI) directly improves deliverability and sender reputation.
Gmail verified checkmark — with a VMC, Gmail displays a blue verified checkmark badge that signals the sender is authenticated. This is a strong trust signal, particularly for financial, healthcare, and government organisations.

Frequently Asked Questions

Do I need a trademark to use BIMI?

You need a registered trademark only if you want a VMC (Verified Mark Certificate) — which is required for Gmail's verified checkmark display. Some providers (like Yahoo Mail) support BIMI without a VMC, meaning you can display a logo without a trademark. However, without a VMC, the display is less broadly supported and lacks the verified badge.

Will BIMI work if my DMARC policy is p=none?

No. BIMI requires DMARC to be at p=quarantine or p=reject. A p=none policy is a monitoring-only setting and does not meet the enforcement threshold required for BIMI.

How do I check whether my BIMI record is published correctly?

Use the ShowDNS DNS Lookup tool to query the TXT record at default._bimi.yourdomain.com. You can also use the BIMI Inspector at bimigroup.org to run a full validation check.

Does BIMI improve email deliverability directly?

BIMI itself does not directly boost deliverability scores. However, the prerequisites for BIMI — particularly DMARC enforcement — do improve deliverability by establishing a strong authentication reputation. The indirect benefit is significant.

Can subdomains use BIMI?

Yes. You can publish BIMI records for subdomains as well as the root domain. A subdomain BIMI record is published at default._bimi.subdomain.example.com. Each subdomain needs its own DMARC enforcement to be eligible.