How to setup BIMI when sending from Iterable through SES shared pools?

Summary

Setting up BIMI when sending from Iterable through SES shared pools involves a multi-faceted approach. Initially, understand that SES's default DKIM/SPF settings may provide partial coverage, but fully configuring your sending domain within Iterable's 'Custom project sending domain' settings is crucial. The process necessitates DMARC enforcement with a quarantine or reject policy for both the subdomain and apex domain, DKIM signing achieved by generating a key pair and adding a public key as a TXT record in your DNS, and obtaining a Verified Mark Certificate (VMC). A BIMI DNS TXT record pointing to your securely hosted SVG logo is also required. Using SES shared IP pools might limit control over your sending reputation, affecting DMARC enforcement; consult your ESP about their policies on this. Select a BIMI vendor with VMC acquisition and DNS management expertise. Post-implementation, monitor email deliverability and engagement. In essence, BIMI requires authentication, policy, and logos, building upon DMARC, DKIM, and SPF setup, making it somewhat complex but beneficial for enhancing brand recognition and trust.

Key findings

  • Core Requirements: BIMI mandates authentication (SPF & DKIM), a strict DMARC policy (quarantine/reject), a VMC, and a properly formatted SVG logo.
  • SES Limitations: While SES offers initial SPF coverage, full domain configuration is vital, especially with shared IP pools affecting sender reputation control.
  • Iterable Configuration: Leverage Iterable's 'Custom project sending domain' settings for DKIM and SPF setup.
  • DNS Importance: Adding DNS TXT records is crucial for DKIM, DMARC, and BIMI to function correctly.
  • Vendor Expertise: A skilled vendor is beneficial for navigating VMC acquisition and DNS record management complexities.

Key considerations

  • Thorough Domain Configuration: Do not rely on default SES settings; ensure complete domain configuration within Iterable.
  • Shared IP Implications: Consult with your ESP about how SES shared IPs impact DMARC enforcement and BIMI eligibility.
  • DMARC Policy Enforcement: Implement a strict DMARC policy (quarantine or reject) for BIMI compliance.
  • Logo Preparation: Ensure your logo meets BIMI's SVG, squared, and secure hosting (HTTPS) requirements.
  • Ongoing Monitoring: Continuously monitor email deliverability and engagement to assess BIMI's impact.

What email marketers say
11Marketer opinions

Setting up BIMI when sending from Iterable through SES shared pools involves several key steps and considerations. It requires DMARC enforcement (quarantine or reject policy), DKIM signing, and obtaining a Verified Mark Certificate (VMC) to display your logo. Configuring a Custom Sending Domain in Iterable is crucial, involving DNS record setup for DKIM and SPF. Using shared IP pools, like those in SES, may limit control over your sending reputation, impacting DMARC enforcement. Therefore, it's essential to check with your ESP about their policies on custom DMARC setups with shared IPs. Implementing BIMI enhances brand recognition, trust, and open rates. The setup complexity includes DMARC configuration, DKIM setup, and VMC acquisition, necessitating careful selection of a BIMI vendor experienced in VMC and DNS management. Post-implementation, monitoring email deliverability and engagement metrics is crucial. Additionally, seeking assistance from Iterable's Deliverability Team can be beneficial.

Key opinions

  • BIMI Requirements: BIMI requires DMARC enforcement (quarantine or reject), DKIM signing, and a Verified Mark Certificate (VMC).
  • Iterable Custom Sending Domain: Setting up a Custom Sending Domain in Iterable is essential for deliverability and sender reputation.
  • Shared IP Limitations: Using SES shared IP pools may limit control over sending reputation, affecting DMARC enforcement.
  • Implementation Benefits: Implementing BIMI enhances brand recognition, trust, and open rates.
  • Setup Complexity: BIMI setup involves DMARC configuration, DKIM setup, and VMC acquisition, making it a complex process.

Key considerations

  • ESP Policy: Check with your ESP about their policies on custom DMARC setups with shared IPs.
  • Vendor Selection: Carefully select a BIMI vendor experienced in VMC acquisition and DNS management.
  • Performance Monitoring: Monitor email deliverability and engagement metrics post-implementation.
  • Support: Consider reaching out to Iterable's Deliverability Team for assistance.
  • DMARC Policy: A DMARC policy of quarantine or reject is needed for BIMI compliance.
Marketer view

Email marketer from Valimail explains that BIMI requires DMARC enforcement (policy of quarantine or reject), DKIM signing, and a Verified Mark Certificate (VMC) to display your logo.

January 2024 - Valimail
Marketer view

Marketer from Email Geeks suggests Tiffani can ask her CSM to reach out to the Deliverability Team for any help or questions.

September 2023 - Email Geeks
Marketer view

Email marketer from Stack Overflow explains that using SES shared IP pools can restrict control over your sending reputation, potentially hindering DMARC enforcement required for BIMI.

August 2024 - Stack Overflow
Marketer view

Email marketer from Mailhardener shares that using a shared IP pool might limit your ability to fully control your sending reputation, which is crucial for DMARC enforcement (required by BIMI). Talk to your ESP to find out their policy on custom DMARC setups with shared IPs.

August 2024 - Mailhardener
Marketer view

Email marketer from Reddit shares that setting up BIMI involves multiple steps including DMARC configuration, DKIM setup and the VMC certificate which makes the setup slightly complex, but the reward of brand visibility in inbox is worth it.

June 2021 - Reddit
Marketer view

Email marketer from EasyDMARC shares that implementing BIMI involves setting up SPF, DKIM, and DMARC, obtaining a VMC, and publishing a BIMI DNS record.

February 2025 - EasyDMARC
Marketer view

Email marketer from LinkedIn suggests that when selecting a vendor for BIMI, ensure they have experience with VMC acquisition and DNS record management.

June 2023 - LinkedIn
Marketer view

Email marketer from Gmass explains that after implementing BIMI, it's important to monitor your email deliverability and engagement metrics to assess its impact.

July 2023 - Gmass
Marketer view

Email marketer from OnlyB2B shares that implementing BIMI enhances brand recognition in the inbox, increasing trust and open rates.

October 2023 - OnlyB2B
Marketer view

Email marketer from Iterable Documentation explains that setting up a Custom Sending Domain is crucial for deliverability and sender reputation when using Iterable. This involves configuring DNS records like DKIM and SPF.

February 2025 - Iterable
Marketer view

Marketer from Email Geeks shares that Tiffani will also need a DMARC policy of quarantine or reject for both the subdomain and the apex domain to be BIMI-compliant.

July 2024 - Email Geeks

What the experts say
5Expert opinions

Setting up BIMI with Iterable and SES shared pools involves configuring authentication (SPF and DKIM), policy (DMARC set to quarantine or reject), and providing logos in SVG format. SES's default settings might initially cover SPF, but fully configuring your domain (mail.signos.com) is crucial. Look for "Custom project sending domain" settings within Iterable, particularly a DNS subsection for DKIM setup. DMARC is a foundational dependency for BIMI, requiring both DKIM and SPF to be established beforehand.

Key opinions

  • BIMI Requirements: BIMI requires authentication (SPF & DKIM), policy (DMARC at quarantine/reject), and logos (SVG format).
  • SES Default Coverage: SES default settings might initially cover SPF checks against amazonses.com.
  • Domain Configuration: Fully configuring your sending domain (e.g., mail.signos.com) is essential for BIMI.
  • Iterable Settings: Check Iterable's "Custom project sending domain" settings for DNS configuration.
  • DMARC Dependency: BIMI relies on DMARC, which requires DKIM and SPF to be properly set up first.

Key considerations

  • Full Domain Configuration: Don't rely solely on SES default settings; complete domain configuration is required.
  • DNS Settings: Locate and configure the DNS settings within Iterable for DKIM and SPF.
  • DMARC First: Ensure DMARC, DKIM, and SPF are properly configured before attempting BIMI setup.
Expert view

Expert from Word to the Wise responds that BIMI requires authentication, policy, and logos. Authentication consists of both SPF and DKIM, policy is DMARC set to quarantine or reject, and logos are an SVG format file.

June 2024 - Word to the Wise
Expert view

Expert from Word to the Wise responds that BIMI depends on DMARC, which requires both DKIM and SPF. Setting up those three things is something that should be done before considering BIMI.

September 2022 - Word to the Wise
Expert view

Expert from Email Geeks shares that the SPF record check is against amazonses.com, that’s why Tiffani is passing SPF just fine

June 2021 - Email Geeks
Expert view

Expert from Email Geeks shares that there are references to “Custom project sending domain” settings of Iterable when searching for DKIM info and there’s a DNS subsection in there that’s probably going to be where to set it up.

September 2023 - Email Geeks
Expert view

Expert from Email Geeks explains that SES’s default DKIM/SPF settings are covering for Tiffani. Tiffani still needs to fully configure mail.signos.com to get BIMI set up.

April 2023 - Email Geeks

What the documentation says
5Technical articles

Setting up BIMI involves several technical steps: DKIM setup requires generating a key pair, adding the public key as a TXT record to your DNS, and enabling DKIM signing for your SES identity. A DMARC record with a quarantine or reject policy must be created and published in your DNS. BIMI also requires a DNS TXT record pointing to your SVG logo file hosted securely (HTTPS). To display your logo, you need a Verified Mark Certificate (VMC) to verify logo ownership and compliance.

Key findings

  • DKIM Setup: Generate DKIM key pair, add public key as DNS TXT record, and enable DKIM signing in SES.
  • BIMI DNS Record: Create a BIMI DNS TXT record pointing to your SVG logo hosted on HTTPS.
  • DMARC Record: Create and publish a DMARC record with a quarantine or reject policy in your DNS.
  • VMC Requirement: A Verified Mark Certificate (VMC) is needed to display your logo with BIMI.
  • Logo Requirements: Your logo must be in SVG format, squared, and hosted on a secure HTTPS server.

Key considerations

  • DNS Access: Ensure you have access to modify your domain's DNS records.
  • HTTPS Hosting: Host your SVG logo on a server with HTTPS enabled.
  • VMC Acquisition: Obtain a Verified Mark Certificate (VMC) from a trusted provider.
  • Policy Enforcement: Set your DMARC policy to quarantine or reject for BIMI compliance.
Technical article

Documentation from AuthSMTP shares that for BIMI, your logo needs to be in SVG format, squared, and hosted on a secure HTTPS server.

August 2022 - AuthSMTP
Technical article

Documentation from DMARC Analyzer explains that a DMARC record needs to be created and published in your domain's DNS to instruct email providers on how to handle emails that fail authentication checks. It should include a policy (p=quarantine or p=reject) for BIMI compliance.

April 2024 - DMARC Analyzer
Technical article

Documentation from BIMI Group explains that a BIMI DNS TXT record must be added to your domain, pointing to the location of your SVG logo file hosted on a secure (HTTPS) server.

May 2024 - BIMI Group
Technical article

Documentation from DigiCert shares that a VMC (Verified Mark Certificate) is required to display your logo with BIMI. It verifies your ownership of the logo and ensures it meets specific formatting and security standards.

December 2022 - DigiCert
Technical article

Documentation from Amazon Web Services explains that to set up DKIM, you need to generate a DKIM key pair and add the public key as a TXT record to your domain's DNS settings. After that, you need to enable DKIM signing for your SES identity.

December 2022 - Amazon Web Services

No related resources found.