How can I display my logo in Gmail and Microsoft, and what are the potential security risks?
Summary
What email marketers say (12 marketer opinions)
Email marketer from Litmus shares that implementing BIMI can be technically challenging, requiring expertise in DMARC, DNS records, and certificate management. They recommend consulting with email authentication specialists.
Email marketer from StackOverflow shares that displaying logos consistently across all email clients is challenging due to varying rendering engines and security settings. They recommend testing emails on different platforms to ensure compatibility.
Marketer from Email Geeks theorizes that Verizon (Yahoo/AOL) and Gmail will eventually only show logos with BIMI, and those logos will have to have certs.
Marketer from Email Geeks explains that the only catch in the spoofing theory is that you need to have the appropriate reputation on your lookalike domain to have your logo displayed.
Email marketer from Reddit explains that while BIMI can enhance trust, it doesn't completely eliminate spoofing risks. Phishers can still register lookalike domains and implement BIMI to trick users if they're not careful.
Marketer from Email Geeks shares that you can get your logo to display in Gmail and Microsoft without BIMI at all, and that it's all very confusing, and how Gmail's BIMI pilot works with all the other methods is unknown.
Marketer from Email Geeks raises a concern about setting up a spoof domain with SPF, DKIM, DMARC, logo in a Google Profile + Annotations, and BIMI to create a convincing user experience in Gmail and Yahoo, noting that you can't fake the logo in Microsoft, as a human has to approve that.
Email marketer from SparkPost explains that BIMI provides a secure way to display logos, enhancing brand recognition and providing assurance to recipients that the email is authentic and hasn't been spoofed. Implementation involves setting up DMARC and acquiring a VMC.
Email marketer from EmailVendorSelection shares that to display your logo with BIMI, you'll need a Verified Mark Certificate (VMC) from an authorized provider. This certificate verifies your logo and confirms your brand's authenticity.
Email marketer from Mailjet shares that BIMI allows you to display your brand's logo next to your messages in supporting email clients like Gmail. It requires DMARC, SPF, and DKIM authentication, along with a Verified Mark Certificate (VMC).
Email marketer from OutlookForums shares that displaying logos in Outlook can be achieved by embedding the image directly in the email signature or using a linked image hosted on a secure server. However, image display depends on the recipient's email client settings.
Email marketer from Gmass explains that using inline images in email signatures can display logos in some email clients, but these images may be blocked by default. They recommend hosting the logo on a reputable server.
What the experts say (2 expert opinions)
Expert from Word to the Wise explains that BIMI (Brand Indicators for Message Identification) allows for displaying logos in supporting email clients after passing authentication checks. This requires a Verified Mark Certificate (VMC) to ensure logo ownership and legitimacy, reducing spoofing risks. However, the article primarily focuses on BIMI setup and doesn't offer solutions for logo display in Microsoft Outlook. Security risks associated with spoofing and potential misrepresentation using BIMI are mentioned.
Expert from Email Geeks explains that unless you're in the BIMI pilot with Gmail you're not seeing images as a result of BIMI. Annotations also support logos but that also requires a minimum level of effort, engagement and authentication with Gmail. There are other "hacks" to get your logo to display at Gmail like setting up an accounts/profile with the sending domain, but none are "trust" signals.
What the documentation says (5 technical articles)
Documentation from DMARC.org explains that BIMI builds upon DMARC, requiring a DMARC policy of 'p=quarantine' or 'p=reject' for your domain. This ensures that only authenticated emails are delivered, reducing the risk of spoofing.
Documentation from DigiCert explains that obtaining a VMC requires validating your trademarked logo with a certification authority. The VMC cryptographically links your logo to your domain, proving ownership and authenticity.
Documentation from Google Support explains that BIMI requires strong authentication (DMARC) and verifies logo ownership via a Verified Mark Certificate (VMC) to display a brand's logo, enhancing trust and email security.
Documentation from Entrust explains that digital certificates can be used to secure email communications and verify the sender's identity, reducing the risk of phishing and spoofing. Though not directly related to logo display, these certificates enhance overall email security.
Documentation from Microsoft explains that you can customize the Microsoft 365 sign-in page with your company logo and color scheme. This visual branding helps users recognize the login page as legitimate, reducing phishing risks.
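The DMARC and VMC prerequisites described above can be checked from a domain's TXT records before a logo is submitted anywhere. The following is an added example, not code from any of the sources quoted on this page; the records are constructed samples for example.com, the function names are hypothetical, and the `pct` check and the `l=`/`a=` tag names come from the BIMI record format rather than from this page.

```python
# Added example: offline BIMI readiness check over constructed TXT record values.
# In practice the inputs are the TXT records at _dmarc.<domain> and
# default._bimi.<domain>; here they are hard-coded so the check runs offline.

def parse_tags(txt):
    """Split a 'k=v; k=v' TXT record into a dict with lowercased keys."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def bimi_readiness(dmarc_txt, bimi_txt):
    """Return a list of problems; an empty list means the records look ready."""
    problems = []
    dmarc = parse_tags(dmarc_txt or "")
    if dmarc.get("v") != "DMARC1":
        problems.append("no valid DMARC record")
    else:
        policy = dmarc.get("p", "").lower()
        if policy not in ("quarantine", "reject"):
            problems.append(f"DMARC p={policy or 'missing'}; need quarantine or reject")
        pct = dmarc.get("pct", "100")  # pct defaults to 100 when absent
        if not pct.isdigit() or int(pct) < 100:
            problems.append(f"DMARC pct={pct}; policy is only partially enforced")
    bimi = parse_tags(bimi_txt or "")
    if bimi.get("v") != "BIMI1":
        problems.append("no valid BIMI record")
    else:
        if not bimi.get("l", "").lower().startswith("https://"):
            problems.append("BIMI l= logo URL missing or not HTTPS")
        if not bimi.get("a", "").lower().startswith("https://"):
            problems.append("BIMI a= missing or not HTTPS; no VMC is published")
    return problems

# Constructed sample records (not real DNS data).
READY_DMARC = "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"
READY_BIMI = "v=BIMI1; l=https://example.com/logo.svg; a=https://example.com/vmc.pem"
WEAK_DMARC = "v=DMARC1; p=none; pct=50"
WEAK_BIMI = "v=BIMI1; l=http://example.com/logo.svg"

if __name__ == "__main__":
    print("ready:", bimi_readiness(READY_DMARC, READY_BIMI))
    for issue in bimi_readiness(WEAK_DMARC, WEAK_BIMI):
        print("weak:", issue)
```

A clean result only shows that the records are well-formed; as the marketers above note, a lookalike domain can publish the same records, so it says nothing about whether the sending domain is the brand it claims to be.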