After a year-long pilot of BIMI (Brand Indicators for Message Identification), Gmail has officially announced that it will be rolling out general support of BIMI to help drive the adoption of stronger sender authentication.
BIMI is an industry standard that attempts to increase the wide adoption of email authentication in the ecosystem while simultaneously providing senders a way to give their customers a more immersive experience. Since BIMI is built on top of existing email authentication technologies, it requires senders to publish SPF, DKIM, and DMARC at enforcement to get the benefit of BIMI and the new inbox experience.
What does BIMI mean for your brand?
BIMI improves visibility and engagement for brands that take the time to properly authenticate their email, making the email ecosystem safer and providing a richer inbox experience. When brands don’t adhere to certain standards, Gmail may flag them as risky with question marks or other iconography.
BIMI can benefit your brand by:
- Increasing brand impressions with a trademarked logo present in the inbox
- Giving you control over how your brand logo is displayed globally
- Providing visual differentiation in the inbox to improve engagement across devices
To learn more about BIMI and how it works, read our article, What is BIMI?
Getting ready for BIMI
To take advantage of the new BIMI standard and display your logo alongside your messages in the inbox, you’ll need to do more than just create a BIMI record. Most of the time, these steps are manual and a bit confusing—don’t worry, we’ll show you a way to get most of it done automatically.
Step #1: Set up your SFP, DKIM, and DMARC records
What is SPF?
Sender Policy Framework (SPF) is an open standard for authenticating email. It checks that the IP address from which a message was sent is on an approved list published by the domain owners. If a mail server with an IP address not on the approved list tries to send an email using that domain, it won’t pass SPF authentication.
What is DKIM?
DomainKeys Identified Mail (DKIM) is a validation method that improves upon SPF’s protocols by using public key cryptography to authenticate individual email messages. It was designed to help Internet Service Providers detect and prevent malicious email delivery because email has no built-in authentication mechanisms. However, it’s often spoofed in an attempt to extract information from a message’s recipient.
What is DMARC?
DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a widely accepted email authentication policy and reporting protocol that ensures—when fully implemented—that only authorized senders can send email using the domain in the “From” field of their email messages.
Step #2: Ensure your DMARC policy is at enforcement
Reaching enforcement on your DMARC policy used to require a tedious process of scanning a long list of IP addresses to identify every service sending emails under your domain. Now you can bypass this error-prone work with Valimail Monitor—more on that below.
Step #3: Publish a BIMI record for your domain in DNS
With BIMI, you get to choose the logo you want to be displayed. Just create a square SVG image, store it in HTTPS, and enter the URL in your DNS TXT record. However, a few other steps must be taken in order for your logo to actually show up in the inbox.
Your business will need a Verified Mark Certificate (VMC) certifying that you are legally authorized to use your logo. VMCs allow companies to render their brand logo next to the “sender” field in email clients—visible even before the message is opened. Think of it as the email equivalent of the blue checkmark on Twitter or the verified badge on Instagram.
Get started with BIMI
Gmail’s adoption of BIMI demonstrates the importance of email as a means of engaging with customers. What’s more, it shows that email is far from done in its evolution—quite the contrary—the user experience is becoming richer, while senders are incentivized to make the channel more secure. Now with Gmail and Verizon Media supporting BIMI, the path forward for email senders is clear: authenticate and create new experiences for your recipients.
To make it easier for our customers to take advantage of BIMI, Twilio SendGrid is partnering with Valimail to provide you with an automated solution that guarantees DMARC Enforcement. Additionally, you can get started by taking advantage of Valimail Monitor, a free offer to receive a comprehensive list of every service sending emails on your behalf so you can approve legitimate services and keep email scammers from landing in recipients’ inboxes.
Once you’re on the path to DMARC enforcement, Valimail also has an automated BIMI solution that fast tracks the process of getting your authenticated logo in the inbox.
To get started, sign up for your free Valimail Monitor account here.