What is BIMI and How to Set It Up

Logo display is ultimately up to each mailbox provider/client and may not appear for every recipient even when configured correctly

Increases brand trust: Recipients see your official logo next to your emails.
Improves recognition: Your emails stand out in crowded inboxes.
Encourages stronger security: BIMI requires DMARC enforcement, which helps prevent spoofing and phishing.

Prerequisites (Required for All BIMI Setups)

Before BIMI can work, your sending domain must meet these requirements:

1. Confirm Your Sending Domain

BIMI applies to the domain used in your visible From address.

For example:

news.example.com and example.com are treated as different domains.
The domain used in the From address must have SPF, DKIM, DMARC, and BIMI configured.

2. SPF and DKIM Must Be Configured

Your domain must successfully authenticate with SPF and/or DKIM so that DMARC can pass with alignment.

BIMI relies on DMARC passing — if DMARC fails, BIMI will not display.

3. DMARC Must Be Enforced

Monitoring-only DMARC (p=none) is not sufficient for BIMI.

Minimum requirement:

p=quarantine or p=reject

For Gmail specifically:

pct=100 is required

Example DMARC record:

v=DMARC1; p=quarantine; pct=100; adkim=s; aspf=s; rua=mailto:dmarc-reports@example.com

Provider-Specific Requirements

Gmail (Most Strict)

To display a BIMI logo in Gmail, you must have:

DMARC enforced (p=quarantine or p=reject) with pct=100
A VMC (Verified Mark Certificate) or CMC (Common Mark Certificate)
A BIMI DNS record pointing to your certificate (PEM file)

Gmail’s verified checkmark experience is tied to VMC/CMC certification.

Yahoo / AOL

May display BIMI using a self-asserted logo (no certificate required)
SPF, DKIM, and enforced DMARC are still required
VMC/CMC can be used if available

Apple Mail / iCloud

BIMI support varies by mailbox behavior
Strong authentication and certification improve the likelihood of display

Microsoft (Outlook / Hotmail / Exchange Online)

BIMI logos are not reliably supported
SPF, DKIM, and DMARC are still strongly recommended for deliverability and security

How to Set Up BIMI (Gmail-Ready)

Step 1 — Prepare Your BIMI Logo

Must be SVG Tiny PS (tiny-ps), not a standard SVG
Host the file publicly over HTTPS

Example:

https://images.example.com/bimi/logo.svg

Step 2 — Obtain a VMC or CMC (Required for Gmail)

VMC: Requires a trademarked logo
CMC: Available for some non-trademark scenarios

The certificate is provided as a PEM file.

Example: https://images.example.com/bimi/certificate.pem

Step 3 — Host Files Over HTTPS

Ensure that:

URLs are publicly accessible
No authentication is required
HTTPS is valid and stable
Files are not frequently changed

Step 4 — Publish the BIMI DNS Record

BIMI record location:

default._bimi.example.com

v=BIMI1; l=; a=https://images.example.com/bimi/certificate.pem

v=BIMI1; l=https://images.example.com/bimi/logo.svg

DNS propagation and provider verification can take up to 48 hours
Mailbox providers cache results, so updates are not always immediate

Troubleshooting: Why Logos Don’t Appear

Common reasons BIMI logos fail to display:

DMARC is not enforced (p=none)
Gmail-specific: pct is not set to 100
BIMI record published on the wrong domain (root vs subdomain mismatch)
SVG is not truly BIMI-compliant (tiny-ps)
Missing or invalid VMC/CMC for Gmail
HTTPS hosting issues (blocked access, redirects, TLS errors)

BIMI improves brand trust and inbox presence, but it requires strong authentication and careful setup. If your logo does not appear immediately, verify each prerequisite step and allow time for mailbox provider caching.

Need Help?

If you have questions or need assistance, please contact our support team at support@tryletterhead.com or log a support ticket through the Help Center!