Open your inbox right now. Notice how some senders show a polished brand logo next to their name, while others display a generic gray circle with their initial? That difference isn’t random — it’s BIMI.

Brands that have implemented BIMI get a measurable advantage. A Red Sift survey found BIMI delivers a 90% increase in consumer confidence in sender legitimacy. With email already returning $36 for every $1 invested, that trust signal directly amplifies an already-profitable channel.

This guide walks through everything you need: what BIMI is, why it matters in 2026, the prerequisites, the SVG and VMC requirements, the 7-step implementation process, and how to troubleshoot when your logo doesn’t show up.

This article is part of our Email deliverability guide.

What Is BIMI?

BIMI stands for Brand Indicators for Message Identification. It’s an email standard that lets domain owners display their verified brand logo next to authenticated email messages in supporting inboxes.

The contrast is dramatic:

  • Without BIMI: A generic placeholder logo shows the first letter of the sender’s name in a colored circle. Forgettable. Indistinguishable from spoofers.
  • With BIMI: Your actual brand logo appears next to every message, instantly recognizable to subscribers.

BIMI isn’t a standalone feature. It works alongside the existing email authentication stack — SPF, DKIM, and DMARC — as the visible payoff for senders who’ve done the authentication work properly. The protocol was first formalized in 2019 by the AuthIndicators Working Group, and adoption has grown steadily as Google, Yahoo, Apple Mail, Fastmail, and La Poste have rolled out support.

Mechanically, BIMI is a TXT record published in your DNS at default._bimi.[yourdomain]. When a supporting mailbox provider receives an email from your domain, it checks DMARC alignment, queries your BIMI record, fetches your logo, and displays it next to the message — all in milliseconds.

Why BIMI Matters in 2026

BIMI used to be a “nice to have.” Three forces have pushed it into “should have” territory:

  • Inbox clutter is at an all-time high. Visual differentiation helps your emails stand out in crowded promotions tabs and feed-style inboxes.
  • Phishing is more sophisticated. Spoofers can fake your domain, but they can’t fake a verified BIMI logo tied to your trademark and DMARC chain.
  • Privacy-era trust signals carry more weight. Apple Mail Privacy Protection has muddied open-rate data; visual brand cues like BIMI logos pick up the slack as engagement signals.

There’s also the Gmail/Yahoo bulk sender push from 2024 onward. While BIMI isn’t strictly required by those rules, the underlying authentication stack BIMI demands (SPF + DKIM + DMARC at quarantine or reject) is now mandatory for high-volume senders. Implementing BIMI is largely a question of finishing what authentication compliance already started.

For Gmail Promotions tab visibility specifically, BIMI with a Verified Mark Certificate is a clear advantage — your logo appears as a featured visual element, drawing attention in a tab that often gets ignored.

How BIMI Works (The Mechanics)

When a recipient’s mailbox provider receives an email from your domain, it runs through this sequence:

  1. Check SPF and DKIM authentication.
  2. Verify DMARC alignment and policy.
  3. Query DNS for default._bimi.[yourdomain] TXT record.
  4. Fetch the SVG logo at the URL specified in the record.
  5. Validate the Verified Mark Certificate (if required by the provider).
  6. Display the logo next to the message in the inbox.

If any step fails, the logo doesn’t show. That’s why DMARC alignment matters so much — it’s the gatekeeper for the entire BIMI flow.

Mailbox provider support as of 2026:

  • Gmail: Full support; requires VMC for logo display.
  • Yahoo Mail: Full support; VMC strongly recommended.
  • Apple Mail (iOS 16+, macOS Ventura+): Full support with Mail Privacy Protection considerations.
  • Fastmail: Full support.
  • La Poste: Full support.
  • Microsoft Outlook: Limited / in development.

BIMI Prerequisites Checklist

Before you touch a BIMI record, verify these are in place:

  • SPF record published and aligned with your sending infrastructure.
  • DKIM signing configured for your sending domain.
  • DMARC record at p=quarantine or p=reject. A p=none policy will not work for BIMI under any circumstances.
  • Consistent sending from the same domain over a sustained period.
  • A trademarked brand logo (required for VMC).
  • Trademark registered with an intellectual property office recognized by VMC issuers (USPTO, EUIPO, JPO, KIPO, etc.). Use the WIPO Brand Database to verify.
  • HTTPS-secured server to host your SVG logo file and PEM certificate file.

If any of these are missing, fix them first. BIMI fails silently when prerequisites aren’t met — your record will publish but the logo simply won’t appear.

SVG Logo Requirements (The BIMI Tiny PS Spec)

BIMI requires logos in SVG Tiny Portable/Secure (SVG Tiny PS) format. This is a stripped-down SVG variant designed for security and consistent rendering across email clients.

The rules:

  • Square aspect ratio (1:1)
  • Solid background color — no transparency
  • Logo centered with breathing room (it may be displayed in a rounded frame)
  • File size under 32 KB
  • No external references, scripts, or animations
  • No raster images embedded inside the SVG
  • baseProfile=”tiny-ps” attribute set in the SVG root

Most standard SVG exports from design tools won’t pass BIMI validation out of the box. You’ll usually need to clean up the file manually or use a converter.

Tools to help:

  • The BIMI Group SVG converter converts standard SVGs to compliant Tiny PS format.
  • Adobe Illustrator can export SVG with manual edits to remove non-compliant elements.
  • The BIMI Inspector tool validates your SVG and previews how it will display.

Design tip: since logos may render inside rounded frames or with corners cropped, design with safe margins. Don’t put critical detail near the edges, and avoid logos that depend on perfect square corners.

Verified Mark Certificate (VMC): Do You Need One?

A Verified Mark Certificate is a cryptographic certificate that proves you legally own the trademark for your logo. Think of it as an SSL certificate, but for your brand identity.

When VMC is required:

  • Gmail: VMC is required for logo display.
  • Apple Mail: VMC required.
  • Yahoo Mail: Strongly recommended; logos may display without one but with reduced trust signals.

When VMC is optional:

  • Smaller mailbox providers may display BIMI logos based on the DNS record alone, without requiring VMC.

How to get a VMC:

  1. Confirm your logo is registered as a trademark with a VMC-accepted IP office.
  2. Apply through one of the two authorized issuers:
    DigiCert
    Entrust
  3. Submit your SVG logo, trademark documentation, and organizational verification materials.
  4. Complete the issuer’s vetting process (typically 4–6 weeks).
  5. Receive your PEM certificate file.

VMC cost: typically $1,000–$1,500 per year, with annual renewal required.

Alternative: Common Mark Certificate (CMC). A newer option from the Mark Certificate ecosystem that allows non-trademarked logos to qualify for BIMI display in some mailbox providers. CMC accepts logos with documented public use rather than registered trademarks, making BIMI accessible to creators, smaller brands, and nonprofits that can’t easily justify trademark registration costs. Support is more limited than VMC but expanding.

The 7-Step BIMI Implementation Process

Here’s the complete flow from zero to displaying your logo:

Step 1: Verify SPF, DKIM, and DMARC are configured and aligned. Use MXToolbox or DMARC analyzers to confirm all three are publishing correctly. Address any failures or alignment issues before proceeding. For Sender users, verifying SPF and DKIM records in Sender documents the in-platform check that confirms your sending domain is fully authenticated. Address any failures or alignment issues before proceeding.

Step 2: Strengthen your DMARC policy to p=quarantine or p=reject. If you’re at p=none, you’ll need to move up. This often requires a phased migration: monitor DMARC reports, fix unauthorized senders, then ratchet up the policy. Skipping this step is the most common BIMI failure point.

Step 3: Register your logo as a trademark (if you haven’t already). Apply through USPTO, EUIPO, or your regional IP office. Trademark registration takes 6–12 months on average. If your logo is already trademarked, confirm it’s registered with an office VMC issuers accept.

Step 4: Purchase a VMC from DigiCert or Entrust. Submit your SVG logo, trademark documentation, and organizational verification. Plan for a 4–6 week vetting cycle.

Step 5: Create your SVG Tiny PS logo file. Use the BIMI Group converter or manually edit your SVG to meet spec. Validate with the BIMI Inspector before publishing.

Step 6: Host the SVG and PEM files on an HTTPS server. Both URLs must be publicly accessible and start with https://. Common hosting choices: your CDN, AWS S3 with CloudFront, or your existing web infrastructure.

Step 7: Publish the BIMI TXT record in your DNS. Add a TXT record at default._bimi.[yourdomain] with your BIMI record value. Wait 24–48 hours for propagation, then verify.

Anatomy of a BIMI Record

A BIMI record is a single string of tags separated by semicolons. Here’s a complete example:

v=BIMI1; l=https://yourdomain.com/logo.svg; a=https://yourdomain.com/vmc.pem

Three core tags:

  • v=BIMI1 — The BIMI version. Currently always BIMI1. Required.
  • l=https://... — The URL of your hosted SVG logo. Required.
  • a=https://... — The URL of your VMC PEM file. Required by Gmail; optional for some other providers.

Published as a DNS TXT record:

Record TypeNameValueTTL
TXTdefault._bimiv=BIMI1; l=https://yourdomain.com/logo.svg; a=https://yourdomain.com/vmc.pemDefault

Critical gotcha: the SVG file referenced in your BIMI record must be byte-identical to the SVG embedded in your VMC PEM file. If you update your logo, you must reissue the VMC. Mismatched SVGs are one of the most common silent BIMI failures.

You can also use selectors beyond default (e.g., selector1._bimi) for different sending streams, similar to DKIM selectors — though most senders only need default.

Publishing the BIMI Record (Step-by-Step)

The exact process varies by DNS provider, but the general flow is the same:

  1. Log into your DNS provider control panel (Cloudflare, Route 53, GoDaddy, Namecheap, etc.).
  2. Navigate to the DNS records section for your domain.
  3. Add a new record with type TXT.
  4. Set the host/name field to default._bimi.
  5. Set the value to your full BIMI record string.
  6. Save and wait for propagation.

Provider-specific notes:

  • Cloudflare: Use the DNS app, set TTL to “Auto” or 1 hour for faster updates.
  • Route 53: Add the record under your hosted zone; quoted values may not be necessary depending on input format.
  • GoDaddy: Use the DNS Management page; some interfaces require the host as the full subdomain.
  • Namecheap: Use the Advanced DNS section; the host field accepts subdomain prefixes directly.

Propagation time: typically 24 hours, sometimes up to 48. Don’t panic if your logo doesn’t appear immediately.

Verifying Your BIMI Setup

Once your record is published, validate it before assuming anything works.

Tools to use:

  • BIMI Inspector (AuthIndicators Working Group) — checks record syntax, validates the SVG, and previews logo display in light and dark mode.
  • DMARCLY BIMI checker — quick lookup of whether your record is properly published.
  • MXToolbox BIMI lookup — checks DNS configuration.

Real-world test: send an email from your domain to your own Gmail and Yahoo accounts. Wait a few minutes (sometimes longer for first-time setup), then check whether your logo displays.

Test in dark mode. Most modern inboxes support dark mode, and logos with transparent or dark backgrounds may not display correctly. The BIMI Inspector includes a dark mode preview specifically for this.

Troubleshooting BIMI Issues

If your logo isn’t showing up, work through this checklist:

DMARC at p=none — The most common failure. BIMI requires p=quarantine or p=reject. Tighten your policy and republish.

SVG format invalid — Standard SVGs often fail BIMI validation. Run yours through the BIMI Inspector and fix any flagged issues. Common problems: missing baseProfile="tiny-ps", embedded raster images, scripts, external references.

HTTPS missing — Both your SVG URL and PEM URL must start with https://. HTTP will silently fail.

SVG mismatch with VMC — The SVG in your BIMI record must match the SVG in your VMC PEM file exactly. Any change requires reissuing the VMC.

DNS propagation delay — Wait the full 24–48 hours before troubleshooting record-level issues.

VMC expired — VMCs expire annually. Set a renewal reminder.

Domain alignment failure — Your sending domain (RFC5322 From) must align with your DKIM/SPF authentication domain. If they’re misaligned, DMARC fails, and BIMI fails with it.

Caching — Some inboxes cache BIMI lookup results. After fixing an issue, it may take additional time for changes to appear.

BIMI Best Practices

  • Use default._bimi as your primary record unless you have a specific reason to use selectors.
  • Maintain DMARC at quarantine or reject permanently. Don’t downgrade after BIMI is working.
  • Renew your VMC before expiration. Set calendar reminders 60 days out.
  • Use the same logo across all sending domains for brand consistency.
  • Test in light AND dark mode before going live.
  • Apply BIMI to subdomains separately if you’ve segmented mail streams (marketing, transactional, support).
  • Monitor logo display across providers. Set up periodic verification checks via BIMI Inspector or a deliverability tool.

BIMI for Different Use Cases

Different sender profiles approach BIMI differently:

Enterprise senders with multiple sending domains usually buy a VMC per primary domain or use a consolidated approach across subdomains. Coordinate with security and IT teams since DMARC enforcement affects the whole organization.

E-commerce brands benefit most from Gmail Promotions tab visibility — your logo appears alongside product imagery, dramatically improving brand recall in the most commercially active inbox tab. How inbox placement works in Gmail’s Promotions tab covers the underlying mechanics — Promotions is a sub-folder of the inbox, not a downgrade, and BIMI amplifies it.

Newsletters and creators without registered trademarks should explore Common Mark Certificates (CMC) as a more accessible path to BIMI display.

Transactional senders (receipts, password resets, notifications) gain trust signals where they matter most — high-stakes emails users are scanning quickly. BIMI reduces the chance of legitimate transactional messages being mistaken for phishing.

Agencies managing multiple client domains should treat each client’s BIMI setup as a separate project with its own VMC, trademark, and DMARC chain.

Nonprofits can use CMC to display logos without the full trademark + VMC investment, though discount programs from DigiCert and Entrust occasionally reduce VMC costs for qualifying organizations.

The ROI of BIMI

The business case is straightforward:

  • 90% lift in consumer confidence in sender legitimacy (Red Sift)
  • Measurable improvements in open rates and engagement for BIMI-enabled senders
  • Brand recall and recognition gains in cluttered inboxes
  • Reduced phishing impact since spoofers can’t replicate the verified logo
  • Compounding email program ROI on top of the baseline $36 per $1 return

Cost-benefit analysis: a $1,000–$1,500 annual VMC investment is trivial compared to even a single percentage point of open-rate improvement on a list of meaningful size. For a sender with 100,000 subscribers and a 25% open rate, a 1% lift = 1,000 additional opens per campaign. Across 24 campaigns annually, that’s 24,000 additional engaged interactions for a fraction of typical CAC.

The upside grows over time as more mailbox providers add BIMI support and as users become more conditioned to trust verified-logo senders over generic placeholders.

The Future of BIMI

Where the standard is heading:

  • Common Mark Certificates are expanding access to creators, small brands, and non-trademarked logos.
  • Apple Mail’s full BIMI support in iOS 16+ has dramatically expanded reach to mobile email users.
  • Microsoft Outlook adoption is in active development; broader support would push BIMI from “important” to “essential.”
  • AI-driven inbox curation is making trust signals more important — algorithmic sorting rewards verified senders.
  • Integration with newer authentication standards is on the roadmap as the AuthIndicators Working Group continues evolving the spec.

If you implement BIMI now, you’ll be positioned for every expansion of support and every algorithmic shift toward trust-based inbox prioritization.

Frequently Asked Questions

Is BIMI required?

No, BIMI is optional. But the underlying authentication (SPF/DKIM/DMARC) is increasingly mandatory under Gmail/Yahoo bulk sender rules, so you’re most of the way there already.

Does BIMI work in Outlook?

Microsoft Outlook support is limited as of 2026 but in active development. Gmail, Yahoo, Apple Mail, Fastmail, and La Poste all support BIMI fully.

How much does BIMI cost?

The BIMI record itself is free. A VMC costs $1,000–$1,500 per year. Trademark registration (if needed) varies by jurisdiction — typically $250–$1,000 in filing fees plus legal costs.

How long does BIMI implementation take?

If your authentication is already in place and your logo is trademarked, expect 4–8 weeks total — mostly waiting for VMC issuance. From scratch, including trademark registration, plan for 6–12 months.

Can I use BIMI without a VMC?

Yes for some providers (Yahoo, Fastmail), no for Gmail and Apple Mail. Most senders should plan on getting a VMC for full coverage.

What’s the difference between VMC and CMC?

VMC requires a registered trademark and is accepted by all major BIMI-supporting providers. CMC accepts logos with documented public use, lowering the barrier — but with narrower provider support so far.

Why isn’t my BIMI logo showing in Gmail?

The most common causes: DMARC at p=none, missing or invalid VMC, SVG format errors, or HTTPS not properly configured on your hosting. Run the BIMI Inspector for specific diagnostics.

Does BIMI improve deliverability?

Indirectly, yes. BIMI requires strong authentication, which improves deliverability fundamentals. Plus, higher engagement from logo recognition feeds back into sender reputation.

Can I use a non-trademarked logo?

For VMC, no — you need a registered trademark. For Common Mark Certificate (CMC), you can use logos with documented public use without trademark registration, though provider support is narrower.

Do I need to renew my VMC?

Yes. VMCs are valid for one year and require annual renewal. Set reminders 60 days before expiration to avoid logo display interruptions.

Conclusion

BIMI converts the broader email deliverability work BIMI rewards into a visible brand asset — subscribers see your logo, spoofers can’t fake it, mailbox providers reward you with stronger trust signals.

Start with the prerequisites: SPF, DKIM, DMARC at quarantine or reject, all properly aligned. If those aren’t solid, fix them first. Then plan the VMC application, prepare your SVG Tiny PS logo, host it securely, publish your BIMI record, and verify everything displays correctly across major providers.

In an inbox where every visual cue matters, BIMI is one of the few standards that lets your brand speak for itself before the subscriber even opens the email. The senders implementing it now are buying a permanent advantage — make sure you’re one of them.