How to set up BIMI with a shared IP?

16 Marketer opinions 2 Expert opinions 4 Technical articles 4 Resources

Summary

Setting up BIMI with a shared IP is possible but requires careful attention to detail. While BIMI is domain-based and not IP-based, the sender's reputation on a shared IP significantly impacts logo display. Key requirements include a DMARC policy set to either p=quarantine or p=reject, proper SPF and DKIM configuration, and a Verified Mark Certificate (VMC). Experts recommend warming up the IP address, diligently monitoring DMARC reports, and ensuring ESPs provide adequate support for correct implementation.

Key findings

BIMI is Domain-Based: BIMI relies on domain authentication standards (SPF, DKIM, DMARC) rather than IP addresses directly.
DMARC Policy Required: A DMARC policy set to p=quarantine or p=reject is mandatory for BIMI to function.
VMC Essential: A Verified Mark Certificate (VMC) is needed to display a logo with BIMI.
Sender Reputation Matters: The sender's reputation on a shared IP significantly impacts BIMI logo display, even if technical requirements are met.

Key considerations

IP Warmup: Implement a gradual IP warm-up process to establish a positive sender reputation.
SPF Configuration: Ensure the SPF record includes the shared IP address or the sending provider's designated domain.
DMARC Monitoring: Diligently monitor DMARC reports to identify and address any authentication issues.
ESP Support: Engage with your Email Service Provider (ESP) for assistance with SPF, DKIM, and DMARC setup and monitoring.
Phased DMARC Implementation: Consider a phased DMARC deployment, starting with 'p=none' to monitor traffic, then 'p=quarantine', and finally 'p=reject'.

What email marketers say
16Marketer opinions

Setting up BIMI with a shared IP is technically feasible, but requires careful attention to domain authentication (SPF, DKIM, DMARC) and sender reputation. While BIMI is domain-based, not IP-based, a shared IP can impact deliverability, affecting logo display. A DMARC policy of p=quarantine or p=reject is essential. Monitoring DMARC reports and warming up the IP address are recommended practices.

Key opinions

Domain Authentication: BIMI requires strict adherence to domain authentication standards (SPF, DKIM, DMARC). Ensure proper setup and alignment.
DMARC Policy: A DMARC policy of either p=quarantine or p=reject is mandatory for BIMI to function correctly.
Shared IP Impact: While BIMI is not directly IP-dependent, a shared IP can influence sender reputation and, consequently, BIMI logo display.
Certificate Inheritance: The BIMI certificate can be obtained for the org domain and inherited by subdomains, provided the BIMI record is published at the org domain level.

Key considerations

Sender Reputation: Closely monitor sender reputation and IP health, as deliverability issues can hinder BIMI logo display.
IP Warmup: Implement a gradual IP warmup strategy to establish a positive sending history on the shared IP.
DMARC Monitoring: Diligently monitor DMARC reports to identify and address any authentication failures promptly.
SPF Record: The SPF record must include the shared IP address or the sending provider's designated domain to prevent authentication errors.

Marketer view

Email marketer from StackOverflow explains the importance of including the shared IP address or the sending provider's designated domain in your SPF record. They emphasize that failing to do so can cause authentication failures and prevent BIMI from functioning correctly.

November 2024 - StackOverflow

Marketer view

Email marketer from Reddit shares that while BIMI technically works on shared IPs, sender reputation is critical. They advise closely monitoring deliverability metrics and warming up the IP properly to prevent logo display issues.

November 2022 - Reddit

Marketer view

Marketer from Email Geeks shares that for DMARC, you only need aligned pass with either SPF or DKIM, but having both is best practice.

November 2024 - Email Geeks

Marketer view

Email marketer from Email Vendor Blog suggests diligently monitoring DMARC reports when using a shared IP for BIMI. This helps identify and address any authentication issues promptly, ensuring a smooth BIMI implementation and logo display.

November 2021 - Email Vendor Blog

Marketer view

Marketer from Email Geeks shares that you can get the certificate for just your sub-domain if that's your preference, but the org domain must still be p=q/r for BIMI to work.

July 2021 - Email Geeks

Marketer view

Email marketer from GMass states that your DMARC record must be set to either p=quarantine or p=reject in order for BIMI to work.

October 2023 - GMass

Marketer view

Email marketer from Mailjet shares that setting up BIMI on a shared IP is feasible if you control your domain's SPF, DKIM, and DMARC records. They recommend working with your email service provider to ensure proper authentication configuration for optimal results.

January 2023 - Mailjet

Marketer view

Marketer from Email Geeks confirms that DMARC and BIMI are domain-based, not IP-based.

February 2024 - Email Geeks

Marketer view

Marketer from Email Geeks explains that BIMI requires the org domain to be at p=reject or p=quarantine.

July 2021 - Email Geeks

Marketer view

Email marketer from Mailgun says using their platform's monitoring tools for insight into deliverability and sender reputation can greatly benefit a BIMI setup with shared IPs. They recommend closely watching bounce rates and engagement data.

December 2022 - Mailgun

Marketer view

Marketer from Email Geeks shares that you can get the BIMI certificate for just the org domain, and it will be inherited if you publish your BIMI record only at the org domain.

January 2022 - Email Geeks

Marketer view

Marketer from Email Geeks mentions that using a shared IP can impact your logo's display because deliverability affects BIMI, even when technical requirements are met.

January 2025 - Email Geeks

Marketer view

Email marketer from SparkPost warns that shared IPs can affect sender reputation. To overcome this, monitor IP reputation, implement feedback loops, and work to maintain high engagement rates.

March 2022 - SparkPost

Marketer view

Email marketer from Litmus states that BIMI is domain-based, not IP-based. So, a shared IP address doesn't prevent BIMI from working, as long as you have control over your domain's authentication (SPF, DKIM, DMARC) and a valid VMC.

September 2024 - Litmus

Marketer view

Email marketer from Sendinblue states that with the proper setup of your domain, DMARC, SPF, and DKIM records, BIMI is achievable on Sendinblue's shared IP's. They recommend engaging with their support to achieve this.

April 2023 - Sendinblue

Marketer view

Marketer from Email Geeks explains that `p=reject` is not mandatory for BIMI purposes; `p=quarantine` at 100% adoption rate is sufficient.

August 2023 - Email Geeks

What the experts say
2Expert opinions

Experts emphasize the need for a proper shared IP warm-up before implementing BIMI, characterized by gradually increasing sending volume and consistent engagement to build a positive sender reputation. Additionally, ESPs using shared IPs should offer comprehensive support and tools to their customers for correct BIMI implementation, including assistance with SPF, DKIM, DMARC setup, and deliverability monitoring.

Key opinions

IP Warmup Crucial: Properly warming up a shared IP is vital for establishing a positive sender reputation before implementing BIMI.
ESP Support Needed: ESPs utilizing shared IPs must provide clear guidance and tools to customers for correct BIMI setup.

Key considerations

Gradual Sending Volume: Implement gradual increases in sending volume during the IP warm-up process.
Consistent Engagement: Ensure consistent email engagement to build a positive sender reputation.
SPF/DKIM/DMARC Assistance: Provide support and tools for setting up SPF, DKIM, and DMARC records correctly.
Deliverability Monitoring: Offer monitoring capabilities to ensure compliance and optimal deliverability.

Expert view

Expert from Spam Resource emphasizes the importance of properly warming up a shared IP address before implementing BIMI. He explains that gradual increases in sending volume and consistent engagement are crucial for establishing a positive sender reputation and ensuring BIMI logo display.

August 2022 - Spam Resource

Expert view

Expert from Word to the Wise advises ESPs using shared IPs to provide clear guidance and tools to their customers for implementing BIMI correctly. This includes assisting with SPF/DKIM/DMARC setup and offering monitoring capabilities to ensure compliance and deliverability.

June 2022 - Word to the Wise

What the documentation says
4Technical articles

Official documentation clarifies that BIMI is compatible with shared IPs as long as domain authentication (SPF, DKIM, DMARC) is correctly configured and a valid DMARC policy (p=quarantine or p=reject) is in place. A Verified Mark Certificate (VMC) is required to display a logo. A phased approach to DMARC deployment is recommended to minimize disruption.

Key findings

IP Independence: BIMI operates independently of IP addresses, making it compatible with shared IP environments.
DMARC Requirement: A valid DMARC policy set to 'quarantine' or 'reject' is mandatory for BIMI.
VMC Necessity: A Verified Mark Certificate (VMC) is required to display a logo through BIMI.

Key considerations

Domain Authentication: Ensure proper configuration of SPF, DKIM, and DMARC records.
Sender Reputation: Maintaining a good sender reputation is crucial, especially on shared IPs.
Phased DMARC Deployment: Consider a phased approach to DMARC deployment to minimize disruption and identify potential issues.

Technical article

Documentation from DigiCert Knowledge Base emphasizes that BIMI requires a valid DMARC policy set to either 'quarantine' or 'reject.' It mentions that while a dedicated IP isn't strictly necessary, maintaining a good sender reputation is crucial on shared IPs to ensure logo display.

August 2022 - DigiCert Knowledge Base

Technical article

Documentation from Entrust Blog highlights the need for a Verified Mark Certificate (VMC) to display a logo through BIMI. It notes that you can obtain a VMC for your primary domain, even when sending from subdomains on a shared IP, provided your DMARC policy is correctly implemented.

December 2022 - Entrust Blog

Technical article

Documentation from BIMI Group Website confirms that BIMI works independently of IP addresses, meaning it's compatible with shared IP environments as long as domain authentication standards (SPF, DKIM, DMARC) are properly configured.

January 2024 - BIMI Group Website

Technical article

Documentation from dmarcian recommends a phased approach to DMARC deployment, starting with 'p=none' to monitor traffic, then moving to 'p=quarantine' and eventually 'p=reject'. This helps minimize disruption and identify any authentication issues before enforcing a stricter policy.

February 2024 - dmarcian

How to repair your sender reputation | Klaviyo Help Center

Search our knowledge base to find answers to the most commonly asked questions. Browse our articles, community forum, live and recorded trainings, and more, to learn all about how to use Klaviyo and to discover our best practices.

Klaviyo Help Center

Email Authentication Protocols in 2024: SPF, DKIM, DMARC & BIMI

Get essential info on how email authentication protocols work as well how they prevent email deliverability issues and email spoofing.

Email on Acid

Brand Indicators for Message Identification (BIMI) Record in cPanel

Brand Indicators for Message Identification (BIMI) is a logo image that shows alongside email addresses to enhance brand recognition. Learn how to add BIMI record in cPanel with a SVG Tiny file.

InMotion Hosting Support Center