How do I set up BIMI? Is a VMC certificate always required?
Summary
What email marketers say13Marketer opinions
Email marketer from Mailjet shares that BIMI provides brand control over logos displayed in email inboxes, requires DMARC authentication (p=quarantine or p=reject), a valid SVG logo, and a VMC to display the logo in most major email clients like Gmail.
Email marketer from Reddit user u/email_expert advises to first ensure DMARC is set to p=quarantine or p=reject. Then obtain a VMC from a recognized Certification Authority before setting up the BIMI DNS record with the logo and VMC URLs.
Email marketer from Reddit user u/email_enthusiast mentions that while a VMC is typically required for Gmail, some mailbox providers like Yahoo may display BIMI logos without one, though this might have limited reach.
Marketer from Email Geeks explains the reason for Google mandating VMC - is that bad actors could self-sign a certificate and put any logo, making the phishing issue much worse.
Marketer from Email Geeks explains that GoDaddy doesn't support BIMI and Google requires a VMC.
Marketer from Email Geeks shares that in addition to technical requirements, each mailbox provider has their own criteria for determining whether or not to display a logo with a given message.
Marketer from Email Geeks shares that BIMI without a VMC is called “self-asserted” and provides the record format. Also explains 'declination to publish'.
Email marketer from Validity shares common challenges in BIMI setup, including DMARC configuration errors, SVG formatting issues, and problems with VMC validation. They recommend careful testing and monitoring.
Marketer from Email Geeks shares that using BIMI without a VMC will only work on Fastmail and Yahoo with some caveats.
Email marketer from Mailosaur says that BIMI has a number of steps to complete and a cost of around $1,000 USD due to the VMC requirement.
Email marketer from ZeroBounce outlines the implementation steps for BIMI: checking DMARC settings, creating a properly formatted SVG logo, obtaining a VMC, and publishing the BIMI DNS record.
Marketer from Email Geeks responds to the question about additional steps with individual mailbox providers after BIMI registration, by clarifying that there are no individual steps with each mailbox provider. You just have to be the kind of sender whose mail ends up in the Inbox on a routine basis.
Email marketer from EasyDMARC highlights BIMI's potential to improve brand reputation and email engagement, noting that consistent logo display builds trust and recognition with recipients.
What the experts say1Expert opinion
Expert from Spam Resource explains that setting up BIMI involves DMARC and a VMC. The VMC helps reduce phishing by only allowing verified logos to display and explains that without a VMC only some providers will show the logo.
What the documentation says5Technical articles
Documentation from Skysnag details the BIMI setup including DMARC policy at p=quarantine or p=reject, obtaining a VMC, publishing the BIMI record in DNS. Also notes you need to use a verified SVG logo.
Documentation from DigiCert clarifies that a VMC verifies logo ownership and requires demonstrating exclusive rights to use the logo. It involves trademark registration and verification by an authorized VMC provider.
Documentation from AuthSMTP outlines the steps to set up BIMI including having valid DMARC, creating a BIMI record, and using a VMC. It also refers to setting up the DNS record on your DNS server.
Documentation from Entrust.com explains that BIMI enhances brand visibility in email inboxes and requires a VMC (Verified Mark Certificate) for most major email providers to display the logo.
Documentation from BIMI Group details the BIMI DNS record format. It includes the version ('v=BIMI1;'), logo URL ('l='), and the optional VMC location ('a='). The VMC location is needed to prove ownership of the logo.