Suped

How do I validate BIMI records and fix common errors?

10 Marketer opinions4 Expert opinions6 Technical articles8 Resources

Summary

Validating BIMI records involves a multi-faceted approach encompassing DNS configuration, SVG logo validation, and email authentication protocols. The BIMI record, a TXT record located in the domain's DNS zone at `default._bimi.client.com`, specifies the logo's location. The SVG logo must be a square vector graphic without text, served over HTTPS. Common errors include using raster images saved as SVGs and incorrect sizing. VMCs, digital certificates authenticating logos, are optional but often required by Gmail; ensure the issuing CA is trusted. Use online validators to check DNS settings, syntax, and HTTPS status. Implementing BIMI effectively requires SPF, DKIM, and DMARC setup with a DMARC policy of `p=quarantine` or `p=reject`. Remember to test across different email clients, and ensure all URLs are accessible over HTTPS.

Key findings

  • Record Location: BIMI record resides in DNS zone at `default._bimi.client.com`.
  • SVG Requirements: SVG logos must be square, vector-based, text-free, and served over HTTPS.
  • VMC Necessity: VMCs are needed for some providers (e.g., Gmail).
  • Validator Importance: Online validators assess DNS settings, syntax, and HTTPS status.
  • Authentication Prerequisites: SPF, DKIM, and DMARC (with `p=quarantine` or `p=reject`) are essential.

Key considerations

  • Logo Validation: Verify SVG logos are true vector graphics, properly sized, and accessible.
  • HTTPS Enforcement: Ensure logos and VMCs are served over HTTPS with valid SSL certificates.
  • Cross-Client Testing: Test BIMI implementation across various email clients.
  • Root Domain Check: Ensure BIMI record is configured for the root domain.
  • Online tools: Use online validation tools to test and identify problems.

What email marketers say
10Marketer opinions

Validating BIMI records and fixing common errors involves several steps. First, ensure the SVG logo is a true vector image, not just a raster image saved as an SVG. Use SVG validator tools to confirm it meets BIMI specifications, including square dimensions and correct XML structure. For the BIMI record itself, utilize online checkers to validate syntax and DNS entries. Common errors include incorrect DNS configuration and malformed URLs. VMCs are not always needed but may be required by providers like Gmail; verify the issuing CA is trusted. Ensure SPF, DKIM, and DMARC are properly set up before implementing BIMI, with DMARC set to 'quarantine' or 'reject'. BIMI enhances brand visibility and improves email security.

Key opinions

  • SVG Validation: SVG logos must be true vector images and meet BIMI specifications, validated using online tools.
  • BIMI Record Checkers: Online BIMI record checkers are essential for validating syntax, DNS entries, and overall record presence.
  • VMC Requirements: Verified Mark Certificates (VMCs) are required by some email providers, like Gmail, and the CA must be trusted.
  • Email Authentication: SPF, DKIM, and DMARC are prerequisites for BIMI implementation, with DMARC set to 'quarantine' or 'reject'.

Key considerations

  • Logo Format: Ensure the SVG logo is a true vector image, not just a raster image saved as an SVG format.
  • DNS Configuration: Verify correct DNS configuration for the BIMI record, including proper syntax and placement under the `_bimi` subdomain.
  • Provider Requirements: Understand the specific requirements of different email providers, particularly regarding VMCs.
  • Email Authentication Setup: Confirm that SPF, DKIM, and DMARC are properly configured before implementing BIMI, as these are prerequisites.
Marketer view

Email marketer from OnlyMyEmail shares common BIMI errors include: incorrect DNS configuration, invalid SVG logo format (e.g., raster images saved as .svg), and issues with the VMC if required by the mailbox provider.

January 2024 - OnlyMyEmail
Marketer view

Email marketer from dmarcian recommends using a BIMI inspector to check the status of your BIMI record. They highlight you can use their free tool to check if your domain is set up correctly.

July 2022 - dmarcian
Marketer view

Email marketer from Mailhardener recommends using online BIMI record checkers to validate the syntax and presence of your BIMI record. These tools can help identify common errors such as incorrect DNS entries or malformed URLs.

February 2023 - Mailhardener
Marketer view

Email marketer from Stack Overflow responds to check the following: DNS propagation, SVG format, and VMC validity. Also, make sure the BIMI record is correctly placed under the `_bimi` subdomain.

December 2021 - Stack Overflow
Marketer view

Email marketer from Email Marketing Forum says that if you're having trouble with your VMC, double-check that the issuing CA is trusted by the email provider you're targeting (e.g., Gmail).

October 2023 - Email Marketing Forum
Marketer view

Email marketer from Mailjet explains you need to set up SPF, DKIM and DMARC before BIMI. DMARC needs to be set to either 'quarantine' or 'reject'. Then you need to upload a validated SVG logo to a publicly accessible server and generate your BIMI DNS TXT record.

September 2023 - Mailjet
Marketer view

Marketer from Email Geeks explains that a certificate is not necessary with Verizon, but Gmail will want it.

April 2023 - Email Geeks
Marketer view

Marketer from Email Geeks shares the most likely reason for logo failing to validate is that it was a .png and was simply put into the .svg container, but with BIMI it needs to be true .svg image.

February 2024 - Email Geeks
Marketer view

Email marketer from EmailToolTester explains that BIMI enhances brand visibility in email inboxes. It also improves email security and deliverability by encouraging the adoption of email authentication protocols.

September 2021 - EmailToolTester
Marketer view

Email marketer from Reddit explains to ensure your SVG logo meets the BIMI specification, use an SVG validator tool. Common issues are non-square dimensions, embedded raster images, and incorrect XML structure.

November 2021 - Reddit

What the experts say
4Expert opinions

Validating BIMI records involves ensuring the record exists at the root domain and testing with online validators. The DNS record should be located at `default._bimi.client.com`. Common SVG issues include incorrect sizing, not being a vector image, and accessibility problems. Testing across different email clients and using validation tools is essential to find and fix these issues. Ensure the logo is served over HTTPS.

Key opinions

  • Root Domain: BIMI records should exist at the root domain.
  • DNS Record Location: The correct DNS record location is `default._bimi.client.com`.
  • Online Validators: Use online validators to test DNS settings, correct syntax, and HTTPS enablement of the logo.
  • SVG Issues: Common SVG problems include incorrect sizing, non-vector images, and accessibility issues.
  • Cross-Client Testing: Test across different email clients for full validation.

Key considerations

  • Domain Verification: Verify that the BIMI record is correctly placed in the root domain.
  • HTTPS: Ensure the logo is served over HTTPS.
  • SVG Format: Confirm the SVG is a true vector image with correct sizing and accessibility.
  • Testing: Regularly test BIMI implementation across various email clients and validation tools to find and resolve problems.
Expert view

Expert from Word to the Wise explains that common SVG issues include incorrect sizing, not being a vector image, or accessibility problems. She also explains you should test across different email clients, as well as using validation tools.

April 2024 - Word to the Wise
Expert view

Expert from Email Geeks answers that BIMI should exist at the root domain and you should add the root domain to the tools to test.

January 2023 - Email Geeks
Expert view

Expert from Spam Resource explains you can test your BIMI records with online validators, focusing on DNS settings, correct syntax and making sure the logo is HTTPS enabled.

April 2024 - Spam Resource
Expert view

Expert from Email Geeks explains the published DNS record should be located at: `default._bimi.client.com`.

June 2021 - Email Geeks

What the documentation says
6Technical articles

Validating BIMI records and fixing common errors involves ensuring the DNS TXT record is correctly published in the domain's DNS zone, specifying the logo location and optionally a VMC. The SVG logo must be a square vector graphic without text, accessible via HTTPS. A VMC is a digital certificate authenticating the logo. Correct BIMI record syntax is `v=BIMI1; l=https://example.com/logo.svg; a=https://example.com/vmc.pem;`. Secure HTTPS with a valid SSL certificate is crucial for both the logo and VMC. Effective BIMI implementation requires full authentication with SPF, DKIM, and DMARC, with a DMARC policy of `p=quarantine` or `p=reject`.

Key findings

  • BIMI Record Type: A BIMI record is a DNS TXT record.
  • SVG Logo Requirements: The SVG logo must be a square vector graphic, without text, accessible via HTTPS.
  • VMC Purpose: A VMC authenticates the logo and allows it to be displayed in participating email clients.
  • BIMI Syntax: The correct BIMI record syntax is `v=BIMI1; l=https://example.com/logo.svg; a=https://example.com/vmc.pem;`.
  • HTTPS Requirement: Both the logo and VMC must be served over HTTPS with a valid SSL certificate.
  • Authentication Prerequisites: Effective BIMI implementation requires SPF, DKIM, and DMARC, with a DMARC policy of `p=quarantine` or `p=reject`.

Key considerations

  • DNS Zone Publication: Ensure the BIMI TXT record is correctly published in the domain's DNS zone.
  • Logo Accessibility: Verify the SVG logo is accessible via HTTPS.
  • VMC Trust: If using a VMC, ensure it's issued by a trusted Certification Authority.
  • DMARC Policy: Implement a DMARC policy of `p=quarantine` or `p=reject` for BIMI to function correctly.
  • Valid SSL Certificate: Ensure you have a valid SSL certificate for both the logo and VMC
Technical article

Documentation from BIMI Group explains that a BIMI record is a TXT record published in the DNS zone of your sending domain. The record specifies the location of your brand logo file and optionally the location of a Verified Mark Certificate (VMC).

May 2021 - BIMI Group
Technical article

Documentation from Let's Encrypt says to ensure that both your logo and VMC are served over HTTPS using a valid SSL certificate from a trusted Certificate Authority. You can use Let's Encrypt for free certificates.

April 2021 - Let's Encrypt
Technical article

Documentation from Entrust shares that a Verified Mark Certificate (VMC) is a digital certificate that authenticates your logo. VMCs are issued by authorized Certification Authorities (CAs) after verifying your trademark. Using a VMC allows your logo to be displayed in participating email clients.

April 2021 - Entrust
Technical article

Documentation from Proofpoint shares the correct syntax for a BIMI record is: `v=BIMI1; l=https://example.com/logo.svg; a=https://example.com/vmc.pem;`. Make sure the URLs are accessible over HTTPS.

May 2023 - Proofpoint
Technical article

Documentation from DigiCert shares the BIMI SVG logo must be a square aspect ratio, must be a vector graphic (SVG), must not contain any text, and must be accessible via HTTPS.

February 2024 - DigiCert
Technical article

Documentation from GlobalSign explains that to implement BIMI effectively, ensure your domain is fully authenticated with SPF, DKIM, and DMARC. A DMARC policy of `p=quarantine` or `p=reject` is typically required.

June 2023 - GlobalSign

Related resources
8Resources

Troubleshooting common BIMI issues - DuoCircle
Troubleshooting common BIMI issues - DuoCircle

You probably already know that your logo is one of the biggest assets your brand owns, but wouldn’t it be great if it showed next to your emails in the

DuoCircle
Troubleshooting common BIMI problems - Valimail
Troubleshooting common BIMI problems - Valimail

Learn why your logo isn’t showing up in the inbox (and what to do about it) in this complete guide to troubleshooting BIMI problems.

Valimail -
SPF Record Checker and Lookup Tool | EasyDMARC
SPF Record Checker and Lookup Tool | EasyDMARC

Check if an SPF record is published on a domain and deployed correctly, identify its issues, and validate your SPF record. Check Your SPF Record Now!

EasyDMARC
How To Fix 550 SPF Check Failed [SOLVED]
How To Fix 550 SPF Check Failed [SOLVED]

The “550 SPF check failed” message is common error prompt that may be triggered by an invalid SPF record in the sender’s DNS, or third-party spam filters.

PowerDMARC
Fixing SPF Validation Errors | EasyDMARC
Fixing SPF Validation Errors | EasyDMARC

SPF validation errors significantly impact inbox placement and domain reputation. Here are the most common errors and how to fix them

EasyDMARC
How To Fix “SPF alignment failed”? - GoDMARC
How To Fix “SPF alignment failed”? - GoDMARC

Finding the source of the problem and taking the necessary measures are necessary for "SPF alignment failed" to be fixed. Read this blog!

GoDMARC Knowledge Base - Email Security Articles & Tips
SVG Issues: Solutions for Ensuring Tiny-PS Compliance - BIMI Group
SVG Issues: Solutions for Ensuring Tiny-PS Compliance - BIMI Group

Troubleshoot common SVG validation issues and ensure compliance with Tiny-PS for BIMI. Learn how to optimize and validate graphics.

BIMI Group
SPF PermError: What is it & How to Fix It?
SPF PermError: What is it & How to Fix It?

Learn about SPF Permerror and discover effective solutions to fix it. Ensure email deliverability and domain security.

GoDMARC Knowledge Base - Email Security Articles & Tips

Related questions