Skip to main content
Reference BIMI draft-blank

BIMI: Brand Indicators for Message Identification

BIMI lets receivers display your brand logo next to authenticated messages in the inbox. Requires DMARC at p=quarantine or p=reject.

TL;DR

  • 1 Publish a DNS TXT record pointing to your logo SVG and (for most receivers) a Verified Mark Certificate (VMC) or Common Mark Certificate (CMC).
  • 2 Receivers render the logo only for messages that pass DMARC and align to your domain.
  • 3 Strong incentive for organisations to actually finish the DMARC enforcement journey.

Watch

How BIMI puts your verified logo next to your mail once DMARC is enforced, and what a VMC actually requires.

What it does

BIMI gives the brand-protection ROI that DMARC alone doesn't. After you've put in the work to publish DMARC, SPF, DKIM and reach p=reject, BIMI rewards you with your logo rendered in recipients' inboxes (Gmail, Apple Mail, Yahoo all support it).

Receivers will only render the logo when DMARC passes AND the policy is at quarantine or reject. That makes BIMI a forcing function: you can't get the brand benefit without first protecting the domain.

As of early 2025, Gmail and Yahoo display the logo with a Verified Mark Certificate (VMC) or a Common Mark Certificate (CMC); Gmail's blue verified checkmark requires a VMC. Apple Mail requires a VMC. A VMC is a paid certificate from a small list of CAs that proves you own a registered trademark to the logo; a CMC is the no-trademark path, proving the logo has been in public use rather than registered.

How it works

  1. 1

    Generate an SVG of your logo following the strict BIMI SVG profile (square aspect, no scripts, single colour gradient OK).

  2. 2

    Host the SVG over HTTPS at a stable URL on your domain.

  3. 3

    Publish a TXT record at default._bimi.<your-domain> with v=BIMI1; l=<logo-url>; a=<vmc-url>.

  4. 4

    To get the logo in Gmail and Yahoo, obtain a Verified Mark Certificate (VMC, ~$1,500/yr, requires a registered trademark) or a Common Mark Certificate (CMC, the no-trademark path) from one of the approved CAs; host the .pem file at the URL referenced by a=. Apple Mail and Gmail's blue verified checkmark require a VMC specifically.

  5. 5

    Receivers retrieve the record, validate against DMARC posture, and start rendering the logo within ~24h.

Example record

default._bimi.yourdomain.com TXT Click to select
v=BIMI1; l=https://yourdomain.com/bimi/logo.svg; a=https://yourdomain.com/bimi/vmc.pem

Common pitfalls

  • Publishing BIMI before reaching p=reject (or at least p=quarantine at enforcement). Receivers won't render the logo and you'll think it's broken.

  • Using an SVG with scripts, animations, or non-square aspect. Receivers refuse to render anything outside the BIMI profile.

  • Forgetting to renew the VMC or CMC. Once it expires, Gmail and Yahoo stop rendering the logo overnight (and Apple Mail stops on VMC expiry).

  • Hosting the SVG on a CDN that strips Content-Type or sends a non-image MIME. Receivers refuse non-image/svg+xml responses.