Table of Contents
Last Updated
Do not index
IntroductionHow BIMI WorksRequirements for BIMI ImplementationWhich Email Providers Support BIMIHow BIMI Affects DeliverabilityOther Things You Need to Know About BIMI
Introduction
BIMI, or Brand Indicators for Message Identification, is an email authentication standard that displays your brand's logo next to your emails in the recipient's inbox. When properly configured, recipients see your company logo instead of a generic initial or placeholder icon in their email client. Gmail, Apple Mail, and Yahoo all support BIMI, which means a correctly implemented setup puts your logo in front of the majority of global email users.
BIMI isn't just a branding feature. It's built on top of DMARC enforcement, which means you can't implement BIMI without first having your email authentication locked down. To display a logo, your domain needs DMARC set to "quarantine" or "reject," which means SPF and DKIM must be passing consistently. In practice, BIMI acts as a visible reward for doing email authentication right; domains that haven't invested in proper authentication can't use it.
How BIMI Works
The technical chain behind BIMI follows a specific sequence. When your email arrives at the recipient's mail server, the server first runs standard authentication checks: SPF, DKIM, and DMARC. If all three pass and your DMARC policy is set to enforcement (quarantine or reject), the server then looks for a BIMI record in your domain's DNS.
The BIMI record is a TXT record published at default._bimi.yourdomain.com. It contains two pieces of information: the URL of your logo file (in SVG Tiny PS format) and, optionally, the URL of your Verified Mark Certificate (VMC).
The logo must be in SVG Tiny PS (Portable/Secure) format specifically. Not a regular SVG. Not a PNG. Not a JPEG. SVG Tiny PS is a restricted subset of SVG that prevents embedded scripts and external references, making it safe for email clients to render. Your logo needs to be square, centered, and work at very small sizes since it displays as a small avatar in most inboxes.
The VMC is a digital certificate issued by a licensed Certificate Authority (currently DigiCert and Entrust) that verifies you actually own the trademark associated with the logo. Gmail requires a VMC. Apple Mail requires a VMC. Yahoo displays BIMI logos without a VMC, but with a less prominent visual treatment.
Requirements for BIMI Implementation
.png?table=block&id=34016483-6d68-802f-bad9-d11cf8f5a2c5&cache=v2)
DMARC at enforcement level. Your DMARC policy must be set to p=quarantine or p=reject. A policy of p=none doesn't qualify. This means SPF and DKIM must be passing on virtually all your legitimate email before you can implement BIMI. If your authentication has gaps, BIMI forces you to close them.
A logo in SVG Tiny PS format. The logo must follow strict technical specifications. Square dimensions. No text outside the logo mark. Centered in the viewable area. Background color that contrasts with both light and dark email themes. Several online tools convert standard SVGs to SVG Tiny PS format, but manual validation is usually needed to ensure compliance.
A Verified Mark Certificate (for Gmail and Apple Mail). A VMC costs between $1,000 and $1,500 per year and requires that your logo is a registered trademark. The certificate authority verifies your trademark registration and your control of the domain before issuing the certificate. The process takes two to six weeks depending on the certificate authority and how quickly your trademark documentation is verified.
A DNS TXT record. The BIMI record goes at default._bimi.yourdomain.com and follows this format: v=BIMI1; l=https://yourdomain.com/logo.svg; a=https://yourdomain.com/vmc.pem. The "l" value points to your logo file. The "a" value points to your VMC file. If you're publishing BIMI without a VMC (for Yahoo), the "a" value can be empty.
Which Email Providers Support BIMI
Gmail supports BIMI with a VMC requirement. Your logo displays as the sender avatar next to your email in the inbox. Gmail also shows a small verified checkmark badge on the logo.
Apple Mail supports BIMI in iOS 16 and macOS Ventura onward, also requiring a VMC.
Yahoo supports BIMI with or without a VMC. Without a certificate, the logo still displays but with a less prominent treatment.
Outlook and Microsoft 365 don't currently support BIMI. Microsoft has its own brand indicator system, but it's not compatible with BIMI.
How BIMI Affects Deliverability
BIMI itself doesn't directly improve your inbox placement. The logo doesn't make spam filters treat your email more favorably. But the authentication requirements that BIMI depends on absolutely do.
Implementing BIMI forces you to get DMARC to enforcement level, which means SPF and DKIM are working properly, which means your email infrastructure is authenticated correctly, which is one of the strongest signals inbox providers evaluate when making filtering decisions. Teams that implement BIMI often see deliverability improvements not because of the logo itself, but because the process of qualifying for BIMI fixed authentication issues they didn't know they had.
The brand recognition benefit is real too. Recipients who see your logo are more likely to open the email because they recognize the sender instantly. Higher open rates feed into positive engagement signals that strengthen sender reputation over time. It's an indirect loop, but it's measurable.
Mailwarm's infrastructure health check audits your SPF, DKIM, and DMARC configuration, telling you exactly where you stand relative to BIMI readiness. If your DMARC isn't at enforcement level, the check identifies what needs to be fixed before BIMI implementation is possible.
Other Things You Need to Know About BIMI
How much does BIMI cost to implement?
The logo creation and DNS configuration are free if you have in-house design and DNS access. The VMC costs $1,000 to $1,500 per year through DigiCert or Entrust. You also need a registered trademark for the logo, which has its own costs depending on jurisdiction.
Can I use BIMI without a VMC?
Yahoo displays BIMI logos without a VMC. Gmail and Apple Mail require one. If your primary audience is on Gmail, you need the certificate for the logo to appear.
How long does BIMI take to start showing?
After publishing your DNS record and VMC, it can take a few days to a few weeks for email providers to start displaying the logo. Gmail caches BIMI data and doesn't check on every message. New BIMI records may take time to propagate through their system.
Does BIMI work for subdomains?
BIMI records are domain-specific. If you send email from marketing.yourdomain.com and also from yourdomain.com, each needs its own BIMI record. The DMARC policy on each domain or subdomain must independently meet enforcement requirements.
What if my logo doesn't meet the SVG Tiny PS specification?
The logo won't display. Email clients that support BIMI validate the SVG format before rendering. A standard SVG, PNG, or improperly formatted file will be silently ignored.
Can BIMI help with brand impersonation?
Yes. Because BIMI requires DMARC at enforcement level, it prevents unauthorized senders from displaying your logo. An attacker who spoofs your domain won't pass DMARC, which means the BIMI logo won't appear on their fraudulent emails. Recipients learn to associate your logo with legitimate email, making impersonation more obvious when the logo is missing.