Skip to main content
BIMI (Brand Indicators for Message Identification) is an email standard that lets you display your brand’s logo next to your messages in recipient inboxes. Instead of a generic avatar or the recipient’s initials, your verified logo appears — increasing brand recognition and signaling authenticity. BIMI builds on top of existing email authentication. It requires a fully enforced DMARC policy and, for most mailbox providers, a Verified Mark Certificate (VMC) that proves you own the logo’s trademark.

How BIMI Works

BIMI uses a DNS TXT record to point mailbox providers to your brand’s logo. When a message arrives, the receiving server checks whether the email passes DMARC authentication and then looks up the BIMI record to find and display the logo.
1

Email Passes DMARC

The receiving mail server authenticates the message using SPF, DKIM, and DMARC. BIMI only applies if DMARC passes with a policy of p=quarantine or p=reject. A p=none policy is not sufficient.
2

BIMI DNS Lookup

The receiving server queries DNS for a BIMI record at default._bimi.yourdomain.com. This TXT record contains the URL of your logo file and, optionally, a URL to your VMC certificate.
3

Logo Validation

The server fetches the logo file and, if a VMC is provided, validates the certificate to confirm the logo is trademarked and the certificate is issued by an authorized Certificate Authority.
4

Logo Display

If all checks pass, the mailbox provider displays your logo in the inbox alongside your message. The exact placement varies by provider — Gmail shows it as the sender avatar, Apple Mail displays it as a verified brand indicator.

Requirements

BIMI has several prerequisites that must be in place before your logo will appear.

Authentication Requirements

BIMI will not work if your DMARC policy is set to p=none. You must enforce at least p=quarantine before mailbox providers will look up your BIMI record. See the SPF, DKIM & DMARC guide for how to progress your DMARC policy safely.

Logo Requirements

Your logo must meet specific format requirements:
SVG Tiny PS is a restricted subset of SVG designed for security. It does not allow JavaScript, external references, or animations. Standard SVG files from design tools will need to be converted. Tools like the BIMI Group’s SVG converter can help: bimigroup.org.

Verified Mark Certificate (VMC)

A VMC is a digital certificate that proves your logo is a registered trademark and that you have the right to use it. VMCs are issued by authorized Certificate Authorities.

Setting Up BIMI

1

Ensure DMARC Enforcement

Verify that your domain has a DMARC record with p=quarantine or p=reject and that your emails are passing DMARC consistently. Check your DMARC record:
The response should show a policy of quarantine or reject:
2

Prepare Your Logo

Create an SVG Tiny PS version of your logo:
  1. Start with your brand logo in SVG format
  2. Convert it to SVG Tiny PS profile (remove scripts, external references, animations)
  3. Ensure it is square with a solid background
  4. Keep the file under 32 KB
  5. Host the file at a publicly accessible HTTPS URL
3

Obtain a VMC (if targeting Gmail)

If you want your logo to appear in Gmail:
  1. Ensure your logo is a registered trademark
  2. Contact DigiCert or Entrust to apply for a VMC
  3. Complete the validation process (trademark verification, domain ownership)
  4. Receive your VMC certificate file (PEM format)
  5. Host the certificate at a publicly accessible HTTPS URL
4

Publish the BIMI DNS Record

Add a TXT record at default._bimi.yourdomain.com:
If you do not have a VMC, you can omit the a= parameter:
5

Verify the Record

Confirm the DNS record is published:
You should see your BIMI record in the response.

Mailbox Provider Support

BIMI adoption is growing but not yet universal. Here is the current state of support among major providers.

BIMI Record Syntax

The BIMI TXT record has a straightforward syntax:

Selector-Based BIMI

By default, the BIMI record is published at default._bimi.yourdomain.com. You can use different selectors for different email streams by changing the subdomain prefix. For example, marketing._bimi.yourdomain.com could display a different logo for marketing emails — though this is rarely used in practice.

Common Mistakes

BIMI requires DMARC enforcement. If your DMARC policy is p=none, mailbox providers will not look up your BIMI record regardless of whether it exists. Progress your DMARC policy to at least p=quarantine — and ideally p=reject — before implementing BIMI.
A regular SVG file exported from Figma, Illustrator, or Inkscape will not work. BIMI requires the SVG Tiny PS (Portable/Secure) profile, which strips out scripts, external references, and other elements that pose security risks. Use a BIMI-specific SVG converter to produce a compliant file.
BIMI logos are displayed in a circular frame by most providers. If your logo is not centered within a square canvas, important parts may be clipped. Design your logo with padding so the key visual element is centered and visible within a circle crop.
The logo URL in your BIMI record must use HTTPS. HTTP URLs will be rejected. Ensure the URL is publicly accessible — mailbox providers need to fetch the file from their servers.
After publishing your BIMI record, it may take days or weeks before logos start appearing consistently. DNS propagation, provider caching, and the provider’s own processing timeline all contribute to the delay. BIMI is not instant.

SPF, DKIM & DMARC

BIMI requires DMARC enforcement — understand the authentication stack first.

Sending Domains

Set up and verify your sending domain in Lettr.

Sending Reputation

How your domain and IP reputation affect inbox placement.

Security Best Practices

Comprehensive guide to securing your email sending infrastructure.