BIMI stands for Brand Indicators for Message identification. It is a new standard that will apply brand logos as indicators alongside authenticated emails to help people avoid fraudulent email. It gives assurance to users that an email is from the company it claims to be from by inserting their logo. It is the open and operable way to put your logo into emails, and it builds on DMARC.

Prerequisites for BIMI

The prerequisite for BIMI is that the organisational domain to be used must be at a policy of p=quarantine; pct=100 or any stage of p=reject to implement BIMI. It is complementary to DMARC and it gives companies a reason to set up DMARC.

What does BIMI do?

BIMI inserts a trademarked logo alongside emails of participating providers. It doesn’t stop phishing/spoofing, that’s DMARC’s job, however, if someone tried to spoof you when you have BIMI in place, your logo won’t appear, and depending on your policy, the email may not even arrive. Think about the difference between BIMI and DMARC like this: DMARC stops an exact domain spoof, while BIMI adds an end validation layer for cousin domains or Friendly From.

How do you set up BIMI?

In order to successfully implement BIMI, you must first make sure that

  1. Your domain's DMARC policy is in p=quarantine or p=reject.

  2. Get vetted & certified by a BIMI certification provider. We have partnered with Entrust to help you every step of the way of getting vetted and certified without having to leave the OnDMARC platform.

BIMI certificates

BIMI certifications are going to follow the EV framework. Every organisation who wants to set up BIMI will have to go through a certification process with a certification provider. The BIMI certification will specify:

  • Which domains are whitelisted

  • The logo that the user wants to show

The certification is valid for a year and then will need to be renewed every year.

Who supports BIMI?

Currently, the list of mailbox providers that support BIMI include Google (Gmail and G Suite), Yahoo and Fastmail.

If you have more questions, visit our comprehensive FAQ about BIMI

Use OnDMARC to quickly move your policy to reject and get BIMI certified!

Did this answer your question?