Table of Contents
- Introduction
- BIMI Requirements
- Requirement 1: DMARC at Enforcement Level
- Requirement 2: Logo in SVG Tiny PS Format
- Requirement 3: Certificate (VMC or CMC)
- Requirement 4: DNS TXT Record
- Requirement 5: Domain Alignment
- Provider Support in 2026
- The Real Cost of BIMI
- Other Things You Need to Know About BIMI Requirements
Last Updated
Do not index
IntroductionBIMI RequirementsRequirement 1: DMARC at Enforcement LevelRequirement 2: Logo in SVG Tiny PS FormatRequirement 3: Certificate (VMC or CMC)Requirement 4: DNS TXT RecordRequirement 5: Domain AlignmentProvider Support in 2026The Real Cost of BIMIOther Things You Need to Know About BIMI Requirements
Introduction
BIMI (Brand Indicators for Message Identification) displays your verified brand logo next to your emails in recipient inboxes across Gmail, Apple Mail, and Yahoo. The requirements to implement it are specific: your domain needs DMARC at enforcement level (p=quarantine or p=reject), a logo file in SVG Tiny PS format, a DNS TXT record pointing to the logo, and for Gmail a Verified Mark Certificate or Common Mark Certificate issued by an authorized certificate authority.
A 2025 URIports analysis found that 53.6% of published BIMI records contain at least one error. More than half of domains attempting to display their logo in inboxes fail because of formatting issues, certificate problems, or authentication gaps. The requirements aren't complicated individually, but they form a chain where every link needs to work. A broken SVG format, an expired certificate, or a DMARC policy stuck at p=none is enough to prevent the logo from appearing.
Since September 2024, Gmail accepts CMCs (Common Mark Certificates) alongside VMCs, which opened BIMI to businesses without registered trademarks. This changed the economics significantly. CMCs start at around $100 to $300 per year through some providers, compared to $749 to $1,688 for VMCs. The barrier to entry dropped, but the technical requirements stayed the same.
BIMI Requirements
.png?table=block&id=34216483-6d68-8011-a1ab-e94bfd6a80e4&cache=v2)
Requirement 1: DMARC at Enforcement Level
BIMI won't function until your DMARC policy is set to p=quarantine or p=reject. A policy of p=none doesn't qualify. This is the requirement that stops most implementations because it forces organizations to fix their entire email authentication stack before they can display a logo.
DMARC enforcement means SPF and DKIM must be passing consistently on every legitimate email your domain sends. Every platform that sends email on your behalf needs proper configuration: Google Workspace, your ESP, your CRM, your marketing automation, your transactional email service. If any of them fail authentication, those emails get quarantined or rejected under enforcement.
Mailwarm's infrastructure health check audits SPF, DKIM, and DMARC across your domain, identifying which services need attention before enforcement is safe. MXToolbox and Google Postmaster Tools complement this by showing authentication results from the receiving side.
Requirement 2: Logo in SVG Tiny PS Format
Your logo must be in SVG Tiny PS (Portable/Secure) format. Not a standard SVG. Not PNG. Not JPEG. SVG Tiny PS is a restricted subset that prevents embedded scripts, external references, and other security vectors that standard SVG allows.
The logo must be square, centered in the viewable area, and recognizable at small sizes (as small as 32x32 pixels in some clients). Text in the logo is discouraged unless it's integral to the mark. The background should contrast with both light and dark email themes.
The BIMI Group provides an SVG converter and validator at bimigroup.org. After conversion, validate the file using BIMI Inspector before publishing. A standard SVG that hasn't been converted to Tiny PS will be silently ignored by email clients.
Host the SVG on your web server at a publicly accessible HTTPS URL. Don't put it behind authentication, a CDN that blocks automated requests, or any system that requires cookies to access.
Requirement 3: Certificate (VMC or CMC)
Gmail and Apple Mail require a certificate before displaying your logo. Yahoo shows logos without one, but with less visual prominence.
VMC (Verified Mark Certificate): Requires a registered trademark. Enables the blue checkmark in Gmail and logo display in Apple Mail. Costs $749 to $1,688 per year depending on the certificate authority. Issued by DigiCert, Entrust, Sectigo, GlobalSign, or SSL.com. Processing takes two to six weeks because trademark verification is involved.
CMC (Common Mark Certificate): Doesn't require a trademark. Requires proof of 12+ months of documented logo usage (archive.org snapshots typically satisfy this). Displays your logo in Gmail without the blue checkmark. Costs $100 to $950 per year depending on the provider. Faster to obtain since there's no trademark verification.
Self-asserted BIMI: No certificate required. Supported by Yahoo, Fastmail, and La Poste only. Gmail and Apple Mail ignore self-asserted logos. Free to implement.
The choice depends on your audience. If most of your recipients use Gmail, you need at least a CMC. If Apple Mail is significant in your audience, you need a VMC specifically.
Requirement 4: DNS TXT Record
Publish a TXT record at default._bimi.yourdomain.com with this format:
The "l" parameter points to your SVG logo URL. The "a" parameter points to your certificate file URL. For self-asserted BIMI without a certificate, set a= to empty or omit it.
Allow 24 to 48 hours for DNS propagation and for email providers to cache the record. Google confirms it can take up to 48 hours for Gmail to pick up new BIMI records. Set a low TTL during setup so you can iterate faster.
Requirement 5: Domain Alignment
The domain used for BIMI must match the domain in your email's From address. If you send from marketing@yourdomain.com, the BIMI record needs to be published on yourdomain.com. If you send from a subdomain like mail.yourdomain.com, that subdomain needs its own BIMI record and its own DMARC policy at enforcement level.
SPF and DKIM alignment also need to match. The domains authenticated through SPF and DKIM must align with the From header domain for DMARC to pass, which is a prerequisite for BIMI.
Provider Support in 2026
Gmail displays BIMI logos with either a VMC (with blue checkmark) or CMC (without checkmark). Requires DMARC enforcement plus qualifying local reputation and volume.
Apple Mail displays BIMI logos with a VMC only. No CMC support.
Yahoo displays BIMI logos with or without any certificate. Self-asserted BIMI works.
Fastmail and La Poste support self-asserted BIMI.
Outlook does not support BIMI. Microsoft has indicated no short-term plans to change this. For B2B teams where Outlook dominates the recipient base, BIMI investment delivers no visual benefit on that segment.
The Real Cost of BIMI
The certificate is the visible cost. The real investment is getting DMARC to enforcement. Most organizations discover unknown sending sources, third-party tools, and legacy integrations that fail authentication during the audit process. Fixing those is the actual project. The BIMI DNS record itself takes about 15 minutes.
Research by RedSift and Entrust found that BIMI-enabled logos increased email open rates by 21% in the US and 39% in the UK. A 44% increase in brand recall was also measured. For brands sending at scale to Gmail and Yahoo recipients, those numbers translate directly into campaign performance.
Mailwarm monitors inbox placement across Gmail, Outlook, and Yahoo, so you can track whether BIMI implementation correlates with deliverability improvements in your specific case.
Other Things You Need to Know About BIMI Requirements
Can I implement BIMI without a trademark?
Yes. CMCs don't require trademark registration; they verify 12+ months of logo usage. Self-asserted BIMI on Yahoo requires no certificate at all.
How long does BIMI take to implement?
Two to four weeks for organizations with existing DMARC enforcement. Logo preparation takes one to three days, certificate acquisition one to two weeks, DNS configuration one day, and testing two to three days.
What if my logo doesn't display after setup?
Check the full chain: DMARC must be at enforcement, SPF and DKIM must pass, the SVG must be valid Tiny PS format, the certificate must be current, and the DNS record must resolve correctly. BIMI Inspector validates all of these in one check.
Does BIMI improve deliverability?
Not directly. The authentication requirements (DMARC enforcement) improve deliverability. The brand recognition from logo display increases open rates, which feeds positive engagement signals. It's indirect but measurable.