How do I set up DMARC for BIMI and what are the key considerations?
Summary
What email marketers say9Marketer opinions
Email marketer from ZeroBounce shares that BIMI requires a Validated Mark Certificate (VMC) to ensure the logo displayed is authentic and owned by the sender. This helps prevent spoofing and increases trust.
Email marketer from Mailhardener talks about BIMI being largely free except for the cost of a VMC. They encourage marketers to setup DMARC first to ensure BIMI works.
Marketer from Email Geeks explains that DMARC reports are different than feedback loops and are sent by mailbox providers to the domain owner or a service provider like MxToolbox. These reports provide SPF and DKIM authentication results on all mailstreams, including marketing and corporate email.
Email marketer from EasyDMARC shares that implementing BIMI involves ensuring DMARC is set up correctly, obtaining a VMC for your logo, and publishing the BIMI DNS record. They emphasize the importance of monitoring DMARC reports to maintain email security.
Email marketer from SparkPost runs through the process of: ensuring DMARC is implemented; ensuring a valid SSL certificate is enabled for your logo URL and finally publishing the BIMI record in DNS.
Email marketer from Litmus shares that BIMI helps brands showcase their logo in recipient inboxes, increasing brand recognition and trust. It also encourages senders to implement strong email authentication practices like DMARC.
Email marketer from Red Sift explains that BIMI helps increase brand visibility in email inboxes and improves email security by leveraging DMARC. They discuss BIMI's benefits in enhancing brand trust and customer engagement.
Email marketer from Mailjet explains that setting up BIMI requires a correctly configured DMARC policy, a VMC, and a BIMI DNS record. They advise starting with a 'p=none' DMARC policy to monitor email streams before enforcing stricter policies.
Marketer from Email Geeks explains that the organization's domain will need to be at DMARC enforcement to leverage BIMI. Mentions that someone in the organization is using MXToolbox to process DMARC reports.
What the experts say2Expert opinions
Expert from Word to the Wise, Laura Atkins, shares that BIMI provides a way to display your brand logo in supporting inboxes, but also emphasizes that the requirements for DMARC are quite strict (reject or quarantine) and that getting authentication correct is critical. Not all email programs support it yet.
Expert from Email Geeks shares the process for setting up DMARC for BIMI. The process includes deploying SPF and DKIM, ensuring they align with the From address, deploying on all mail streams, and deploying DMARC in p=none mode. Steve recommends monitoring feedback reports to identify missed mail streams and deploying aligned SPF and DKIM on those, repeating the process for at least three months, before escalating to enforcing policies and ultimately BIMI.
What the documentation says4Technical articles
Documentation from BIMI Group explains that to display a BIMI logo, the sending domain must be authenticated with DMARC at a policy of 'quarantine' or 'reject'. A Validated Mark Certificate (VMC) is also required to prove logo ownership.
Documentation from DMARC.org explains the initial steps for DMARC deployment: assess your mail streams, set up SPF and DKIM, then set a DMARC policy of p=none to start collecting data and understanding your email ecosystem before moving to stricter policies.
Documentation from Global Cyber Alliance explains the DMARC policy options: none, quarantine, and reject. 'None' allows monitoring, 'quarantine' sends unauthenticated emails to spam, and 'reject' blocks them entirely.
Documentation from AuthSMTP details that BIMI requires a DMARC policy to be in place. This policy should be set to either 'quarantine' or 'reject' for BIMI to function correctly, ensuring only authenticated emails display the logo.