Does BIMI require a reject policy on the top level domain if subdomains have it?

Summary

BIMI requires a DMARC policy set to either 'quarantine' or 'reject' for both the top-level organizational domain and all subdomains sending email. Strict enforcement of this DMARC policy is a necessity for BIMI implementation. A 'none' policy or a quarantine policy below 100% is insufficient for BIMI compliance.

Key findings

DMARC Prerequisite: Implementation of a DMARC policy is a mandatory requirement for utilizing BIMI.
Acceptable DMARC Policies: The DMARC policy must be configured as either 'quarantine' or 'reject' to satisfy BIMI standards.
Scope of DMARC Coverage: The DMARC configuration applies to the top-level organizational domain and all subdomains used for sending emails.

Key considerations

Policy Enforcement: DMARC policies must be strictly enforced across the entire email ecosystem, including all subdomains.
Impact of 'Reject' Policy: Carefully evaluate the potential consequences of implementing a 'reject' policy before making the transition.
Monitoring and Analysis: Establish systems to monitor and analyze DMARC reports to ensure proper policy function and identify potential issues.

What email marketers say
8Marketer opinions

To implement BIMI successfully, a DMARC policy must be in place and enforced on both the organizational domain and all sending subdomains. The required DMARC policy level is either 'quarantine' or 'reject' (p=quarantine or p=reject). A policy of 'none' or a quarantine policy set below 100% is insufficient for BIMI compliance.

Key opinions

DMARC Requirement: BIMI mandates a DMARC policy to be implemented.
Policy Level: The DMARC policy must be either 'quarantine' or 'reject'.
Domain Scope: The DMARC policy must cover both the top-level organizational domain and all sending subdomains.

Key considerations

Policy Enforcement: Ensure that the DMARC policy is actively enforced to comply with BIMI requirements.
Gradual Rollout: Carefully consider the impact of a 'reject' policy before implementing it, and potentially start with a 'quarantine' policy for observation.
Subdomain Coverage: Verify that all subdomains used for sending emails are included in the DMARC policy.

Marketer view

Email marketer from EmailonAcid shares that a DMARC policy set to either 'quarantine' or 'reject' is needed for both the organizational domain and its subdomains.

July 2022 - EmailonAcid.com

Marketer view

Email marketer from Reddit explains that for BIMI to work, you need DMARC set to quarantine or reject on your sending domain, including subdomains.

January 2025 - Reddit

Marketer view

Email marketer from Email Geeks shares that the minimum DMARC policy for BIMI to work is quarantine p=100, anything below that (none or quarantine at <100%) and BIMI won’t work. *(results at individual MBPs may vary)

July 2024 - Email Geeks

Marketer view

Email marketer from OnlyMyEmail explains that to use BIMI, your sending domain and subdomains need DMARC protection set to either 'quarantine' or 'reject'.

February 2022 - onlymyemail.com

What the experts say
2Expert opinions

BIMI requires a DMARC policy with either "reject" or "quarantine" for the top-level organizational domain and all sending subdomains. Strict enforcement of this DMARC policy is essential for BIMI compliance.

Key opinions

DMARC Requirement: BIMI necessitates a DMARC record.
Acceptable Policies: The DMARC policy must be either 'reject' or 'quarantine'.
Scope of Enforcement: DMARC policy enforcement applies to both the top-level domain and all subdomains used for sending emails.

Key considerations

Enforcement is Key: Ensure DMARC policies are strictly enforced across all domains and subdomains.
Impact Assessment: Carefully assess the impact of implementing a 'reject' policy before making the change.

Expert view

Expert from Word to the Wise explains that BIMI requires strict enforcement. All sending domains, including subdomains, must have a DMARC record with a policy of either “quarantine” or “reject”.

May 2021 - Word to the Wise

Expert view

Expert from Email Geeks explains that BIMI requires that the registered top-level Organizational Domain and all subdomains be covered by a DMARC “reject” (or 100% “quarantine”) policy.

May 2024 - Email Geeks

What the documentation says
3Technical articles

BIMI implementation mandates a DMARC policy of either 'quarantine' or 'reject' for both the organizational domain and all subdomains that send mail. This policy needs to be enforced at the organizational level to ensure proper BIMI compliance.

Key findings

DMARC Requirement: A DMARC policy is a prerequisite for BIMI adoption.
Policy Options: The DMARC policy must be set to either 'quarantine' or 'reject'.
Domain Scope: The DMARC policy applies to the main organizational domain and all its sending subdomains.

Key considerations

Enforcement: DMARC must be actively enforced at the organizational level.
Policy Choice: Carefully consider whether to use 'quarantine' or 'reject' based on your organization's risk tolerance and monitoring capabilities.

Technical article

Documentation from dmarcian outlines that for BIMI, a DMARC policy of either quarantine or reject must be in place and enforced at the organizational level, impacting all sending domains and subdomains.

October 2024 - dmarcian.com

Technical article

Documentation from BIMI Group explains that BIMI requires a DMARC policy with either 'reject' (p=reject) or 'quarantine' (p=quarantine) set for the organizational domain and any subdomains sending mail.

September 2023 - bimigroup.org

Technical article

Documentation from Valimail describes how BIMI requires a DMARC policy set to either quarantine or reject, and this policy must apply to both the organizational domain and any subdomains used for sending email.

November 2023 - Valimail.com

How DMARC works with subdomains and the sp tag - Valimail

Learn how DMARC works with your subdomains and the sp tag to bring DMARC to enforcement and protect your business from impersonation.

Valimail -

Understanding BIMI | Kickbox University

Part 5 of our email authentication series covers BIMI: what it is, its implementation & benefits. BIMI allows senders to display their logo in the inbox

Kickbox Blog