BIMI stands for Brand Indicators for Message identification. It is a new standard that will apply brand logos as indicators alongside authenticated emails to help people avoid fraudulent email. It gives assurance to users that an email is from the company it claims to be from by inserting their logo. It is the open and operable way to put your logo into emails, and it builds on DMARC.
Prerequisites for BIMI
The prerequisite for BIMI is that the organisational domain to be used must be at a policy of p=quarantine; pct=100 or p=reject; pct=100 to implement BIMI. It is complementary to DMARC and it gives companies a reason to set up DMARC.
What does BIMI do?
BIMI inserts a trademarked logo alongside emails of participating providers. It doesn’t stop phishing/spoofing, that’s DMARC’s job, however, if someone tried to spoof you when you have BIMI in place, your logo won’t appear, and depending on your policy, the email may not even arrive. Think about the difference between BIMI and DMARC like this: DMARC stops an exact domain spoof, while BIMI adds an end validation layer for cousin domains or Friendly From.
How do you set up BIMI?
In order to successfully implement BIMI, you must first make sure that
Your domain's DMARC policy is in p=quarantine or p=reject.
Get vetted & certified by a BIMI certification provider. We have partnered with Entrust to help you every step of the way of getting vetted and certified without having to leave the OnDMARC platform.
BIMI certificates
BIMI certifications are going to follow the EV framework. Every organisation who wants to set up BIMI will have to go through a certification process with a certification provider. The BIMI certification will specify:
Which domains are whitelisted
The logo that the user wants to show
The certification is valid for a year and then will need to be renewed every year.
Who supports BIMI?
Currently, the list of mailbox providers that support BIMI include Google, Apple, Yahoo, Fastmail, among others. Check the full list here.
If you have more questions, visit our comprehensive FAQ about BIMI
Use OnDMARC to quickly move your policy to reject and get BIMI certified!