How to Prepare for Gmail's Rollout of BIMI

July 14, 2021
Written by
Len Shneyder
Opinions expressed by Twilio contributors are their own

How to Prepare for Gmail's Rollout of BIMI

After a year-long pilot of Brand Indicators for Message Identification (BIMI), Gmail has officially announced that it will roll out general support of BIMI to help drive the adoption of stronger sender authentication.

BIMI is an industry standard that attempts to increase the wide adoption of email authentication in the ecosystem while simultaneously providing senders a way to give recipients a more immersive experience. Built on top of existing email authentication technologies, BIMI requires senders to publish SPF, DKIM, and DMARC at enforcement to get the benefit of BIMI and the new inbox experience.

What does BIMI mean for your brand?

BIMI improves visibility and engagement for brands that take the time to properly authenticate email, making the email ecosystem safer and providing a richer inbox experience. When brands don’t adhere to certain standards, Gmail may flag them as risky with question marks or other iconography.

BIMI can benefit your brand by:
  • Increasing brand impressions with a trademarked logo present in the inbox
  • Giving you control over how your brand logo displays globally
  • Providing visual differentiation in the inbox to improve engagement across devices
To learn more about BIMI and how it works, read our article, What is BIMI?

Getting ready for BIMI 

To take advantage of the new BIMI standard and display your logo alongside your messages in the inbox, you’ll need to do more than just create a BIMI record. Most of the time, these steps are manual and a bit confusing—don’t worry, we’ll show you a way to get most of it done automatically.

Step #1: Set up your SPF, DKIM, and DMARC records

What is SPF?

Sender Policy Framework (SPF) is an open standard for authenticating email. It checks that the IP address that sends an email is on an approved list published by the domain owners. If a mail server with an IP address not on the approved list tries to send an email using that domain, it won’t pass SPF authentication.

What is DKIM?

DomainKeys Identified Mail (DKIM) is a validation method that improves upon SPF’s protocols by using public key cryptography to authenticate individual email messages. Its purpose is to help internet service providers (ISPs) detect and prevent malicious email delivery because email has no built-in authentication mechanisms. However, it’s often spoofed in an attempt to extract information from a message’s recipient.

What is DMARC?

DMARC (Domain-based Message Authentication, Reporting & Conformance) is a widely accepted email authentication policy and reporting protocol that ensures—when fully implemented—that only authorized senders can send email using the domain in the from field of email messages.

Step #2: Ensure your DMARC policy is at enforcement

Reaching enforcement on your DMARC policy used to require a tedious process of scanning a long list of IP addresses to identify every service sending emails under your domain. Now you can bypass this error-prone work with Valimail Monitor—more on that below.

Step #3: Publish a BIMI record for your domain in DNS

With BIMI, you get to choose the logo you want to display. Just create a square scalable vector graphics (SVG) image, store it in HTTPS, and enter the URL in your DNS TXT record. However, a few other steps are necessary for your logo to actually show up in the inbox.

Your business will need a Verified Mark Certificate (VMC) certifying that you are legally authorized to use your logo. VMCs allow companies to render the brand logo next to the sender field in email clients—visible even before the message opens. Think of it as the email equivalent of the blue check mark on Twitter or the verified badge on Instagram. 

Get started with BIMI

Gmail’s adoption of BIMI demonstrates the importance of email as a means of engaging with customers. What’s more, it shows that email is far from done in its evolution. Quite the contrary, the user experience is becoming richer while incentivizing senders to make the channel more secure. Now with Gmail and Verizon Media supporting BIMI, the path forward for email senders is clear: authenticate and create new experiences for your recipients. 

To make it easier for you to take advantage of BIMI, Twilio SendGrid is partnering with Valimail to provide you with an automated solution that facilitates DMARC enforcement. Additionally, you can get started by taking advantage of Valimail Monitor, a free offer to receive a comprehensive list of every service sending emails on your behalf so that you can approve legitimate services and keep email scammers from landing in recipient inboxes.   

Once you’re on the path to DMARC enforcement, Valimail also has an automated BIMI solution that fast-tracks the process of getting your authenticated logo in the inbox.

To get started, sign up for your free Valimail Monitor account here.

Recommended For You

Most Popular

Send With Confidence

Partner with the email service trusted by developers and marketers for time-savings, scalability, and delivery expertise.