After a year-long pilot of Brand Indicators for Message Identification (BIMI), Gmail has officially announced that it will roll out general support of BIMI to help drive the adoption of stronger sender authentication.

BIMI is an industry standard that attempts to increase the wide adoption of email authentication in the ecosystem while simultaneously providing senders a way to give recipients a more immersive experience. Built on top of existing email authentication technologies, BIMI requires senders to publish SPF, DKIM, and DMARC at enforcement to get the benefit of BIMI and the new inbox experience.

What does BIMI mean for your brand?

BIMI improves visibility and engagement for brands that take the time to properly authenticate email, making the email ecosystem safer and providing a richer inbox experience. When brands don’t adhere to certain standards, Gmail may flag them as risky with question marks or other iconography.

BIMI can benefit your brand by:

  • Increasing brand impressions with a trademarked logo present in the inbox
  • Giving you control over how your brand logo displays globally
  • Providing visual differentiation in the inbox to improve engagement across devices

To learn more about BIMI and how it works, read our article, What is BIMI?

Getting ready for BIMI 

To take advantage of the new BIMI standard and display your logo alongside your messages in the inbox, you’ll need to do more than just create a BIMI record. Most of the time, these steps are manual and a bit confusing—don’t worry, we’ll show you a way to get most of it done automatically.

Step #1: Set up your SPF, DKIM, and DMARC records

What is SPF?

Sender Policy Framework (SPF) is an open standard for authenticating email. It checks that the IP address that sends an email is on an approved list published by the domain owners. If a mail server with an IP address not on the approved list tries to send an email using that domain, it won’t pass SPF authentication.

What is DKIM?

DomainKeys Identified Mail (DKIM) is a validation method that improves upon SPF’s protocols by using public key cryptography to authenticate individual email messages. Its purpose is to help internet service providers (ISPs) detect and prevent malicious email delivery because email has no built-in authentication mechanisms. However, it’s often spoofed in an attempt to extract information from a message’s recipient.

What is DMARC?

DMARC (Domain-based Message Authentication, Reporting & Conformance) is a widely accepted email authentication policy and reporting protocol that ensures—when fully implemented—that only authorized senders can send email using the domain in the from field of email messages.

Step #2: Ensure your DMARC policy is at enforcement

Reaching enforcement on your DMARC policy used to require a tedious process of scanning a long list of IP addresses to identify every service sending emails under your domain. Now you can bypass this error-prone work with Valimail Monitor—more on that below.

Step #3: Publish a BIMI record for your domain in DNS

With BIMI, you get to choose the logo you want to display. Just create a square scalable vector graphics (SVG) image, store it in HTTPS, and enter the URL in your DNS TXT record. However, a few other steps are necessary for your logo to actually show up in the inbox.

Your business will need a Verified Mark Certificate (VMC) certifying that you are legally authorized to use your logo. VMCs allow companies to render the brand logo next to the sender field in email clients—visible even before the message opens. Think of it as the email equivalent of the blue check mark on Twitter or the verified badge on Instagram. 

Get started with BIMI

Gmail’s adoption of BIMI demonstrates the importance of email as a means of engaging with customers. What’s more, it shows that email is far from done in its evolution. Quite the contrary, the user experience is becoming richer while incentivizing senders to make the channel more secure. Now with Gmail and Verizon Media supporting BIMI, the path forward for email senders is clear: authenticate and create new experiences for your recipients. 

To make it easier for you to take advantage of BIMI, Twilio SendGrid is partnering with Valimail to provide you with an automated solution that facilitates DMARC enforcement. Additionally, you can get started by taking advantage of Valimail Monitor, a free offer to receive a comprehensive list of every service sending emails on your behalf so that you can approve legitimate services and keep email scammers from landing in recipient inboxes.   

Once you’re on the path to DMARC enforcement, Valimail also has an automated BIMI solution that fast-tracks the process of getting your authenticated logo in the inbox.

To get started, sign up for your free Valimail Monitor account here.

Len Shneyder is a 15+ year email and digital messaging veteran and the VP of Industry Relations at Twilio SendGrid. Len serves as an evangelist and proponent of best practices and he drives thought leadership and data-driven insights on industry trends based on the massive volume of email SendGrid delivers on behalf of their customers. Len is a longtime member of M3AAWG (the Messaging, Malware, Mobile Anti-Abuse Working Group) and served on its board in addition to Co-Chairing the Program Committee. He’s also part of the MAC (Member Advisory Committee) of the EEC (Email Experience Council) where he serves as the organization's MAC Chair. The EEC is a professional trade organization focused on promoting email marketing best practices. The EEC is owned by the ANA (Association of National Advertisers), a nearly 100-year-old organization where he also sits on the Ethics Committee. In addition, Len has worked closely with the ESPC (Email Sender & Provider Coalition) on issues surrounding data privacy and email deliverability.