Celeb Frenzy Daily

Home / general

BIMI - How To Discuss

Emma Newman |

BIMI

Brand Indicators for Message Identification (BIMI) is a new security technology that can verify your email marketing and build trust with your customers. BIMI works with the DKIM, SPF, and DMARC protocols to protect your domain from being used by attackers to send fraudulent emails. This puts your logo next to your messages in people's inboxes so that your contacts and your email service know those emails are really from you or your company.

  • What is BIM?
  • Why is BIMI important?
  • How does BIM work?
  • BIMI . configure
  • word list
  • BIMI

RAY

Brand Indicators for Message Identification (BIMI) is a new security technology that can verify your email marketing and build trust with your customers. BIMI works with the DKIM, SPF, and DMARC protocols to protect your domain from being used by attackers to send fraudulent emails. This puts your logo next to your messages in people's inboxes so that your contacts and your email service know those emails are really from you or your company.

What is BIMI?

BIMI is a new effort to standardize the use and display of brand logos to help consumers avoid spam and fraudulent emails. This makes your email more visible to your contacts. While there may be a generic space or icon next to other emails, your logo will stand out.

By displaying your brand logo next to the email you send, BIMI allows consumers to instantly recognize that the email they see is from your brand or company. This increases trust and open rates by clearly marking your email as legitimate.

Before BIMI, the steps to display your logo next to an email were specific to each email service your message was sent to. Sometimes the process was completely manual or relied on other apps to collect information about their brand and share it on participating platforms.

Why is BIMI important?

Protecting a brand from fraud is part of the job of email marketers, but sending emails securely can be difficult and time-consuming. Because the tools available to protect your brand from attackers are difficult to implement and test effectively, exploiting vulnerable domains and email addresses has become a lucrative industry for attackers.

The Federal Bureau of Investigation (FBI) reports that US companies lost more than $2 billion in email fraud between 2014 and 2019 due to just two email services. These fraud statistics are based solely on what individuals and companies report to the FBI's Online Complaint Center. It's interesting how much money and opportunities are lost but not reported.

In 2020, more than 306 billion emails were sent every day. With so much clutter, it can be hard to stand out. Even authorized stamped emails can get lost in a sea of ​​spam.

Adding security protocols and certificates to the domain to enable use of BIMI also helps prevent . Since a domain is essential to promoting your business online, you can protect your business reputation by implementing email verification protocols. Protecting your domain when sending email prevents you from receiving the following FBI email fraud report.

How does BIMI work?

BIMI uses a multi-step process to validate email messages and ensure they are associated with the sender's domain. Senders must have a TXT record in their Domain Name System (DNS) records for BIMI.

For BIMI to work, domains must have other fraud protection measures in place, including:

  • Sender Policy Framework (SPF): Verifies email by determining which email servers can send messages from specific domains.
  • DomainKeys Identified Mail (DKIM): Appends a digital signature to every email to verify that it was sent from an authorized domain.
  • Domain-based Message Authentication, Reporting, and Enforcement (DMARC): Validates SPF and DKIM records and specifies how to handle misaligned emails.

When emails are sent using BIMI, the receiving mail server performs DMARC/DKIM authentication and SPF authentication first by default. If the email passes these tests, the server checks to see if it has a valid BIMI record, validates it, and displays your company logo.

Your logo file must be in SVG Tiny Portable/Secure format. SVG stands for scalable vector graphics. Unlike pixel-based images such as JPGs or GIFs, vector images define the shapes and visual elements of an image using lines and dots. This makes the chart scalable or easy to use in different sizes. Using vector graphics in this secure format will ensure your logo is displayed well wherever it is displayed via BIMI.

Some ESPs may require a Verified Brand Certificate (VMC) to prove ownership of branded and logo items. While it is not currently a requirement to implement BIMI in your domain, VMC should become part of the standard in the future.

How does BIMI work with DMARC, DKIM and SPF?

The first step in using BIMI to display your logo is to implement DMARC. This is saved as a TXT record for your domain. For DMARC to work with BIMI, the reject policy for this record must be p=quarantine or p=reject for all email sent from your domain.

While BIMI requires DMARC, DMARC requires your domain to have DKIM records in order to work. DMARC only requires SPF or DKIM for targeting, but it's best to include SPF records for added security when using BIMI. These 2 security tools are also stored as TXT records for your domain.

How do I get the logo in the right format?

You must convert your logo to the correct file type to use it with BIMI. While vector image formats are the standard for logos, so they can be scaled up for use as a small icon or printed on large banners or billboards, BIMI requires that you submit your logo in an appropriately protected vector format.

The AuthIndicators group provides a handy downloadable tool to convert an SVG Tiny 1.2 file to the correct and safe SVG Tiny P/S format. However, if you have another type of file, e.g. For example, if you have an unsupported SVG, EPS, PNG, GIF, or JPG file, you'll need to use image editing software or a file type converter to recreate the file in the correct format.

You also need to make sure that the file is the correct size and shape. The file cannot exceed 32 KB and must be square. The background should not be transparent, a solid color is recommended. For best results, there should be free space around the logo in case it is truncated or cropped. More detailed instructions and examples can be found on the BIMI website.

What is a verified marking certificate (VMC)?

A Verified Trademark Certificate (VMC) is a digital proof of ownership of a logo for use with BIMI. Add another layer of protection by verifying the correct logo. While using BIMI is currently optional, some ESPs require their logo to be displayed.

When you send an email to a contact, the recipient's email server that manages their mailbox assumes a tag URL that specifies where to display the logo. The VMC is then checked to ensure that the correct logo is used. Once VMC has verified your logo, BIMI will display it next to your email address.

To get a VMC, your domain must have DMARC implemented. Your logo must be registered (and undisputed) with the US Patent and Trademark Office and owned by your company. While different countries have different regulations, legal trademarks in the United States may include:

  • Figurative signs: formed by a single drawing.
  • Word Marks: Contains words, letters, or numbers without a specific font, size, color, or style.
  • Combined characters: Contain a combination of words with a stylized pattern, letters, or numbers.

Entrust Datacard and DigiCert are the first two companies to issue verified BIMI Mark certifications. You can contact them to help you get one.

Configure BIMI

BIMI setup will prompt you to publish a DNS record with your brand logo in SVG P/S format. You can use the AuthIndicators Groups BIMI generator to generate a properly formatted dataset.

The exact values ​​to enter into your records will depend on your domain name, how you send email, and which version of your logo you choose to use if you have more than one. Here you can see, for example, what a domain registration with BIMI looks like and what is needed to set it up.

  1. Make sure that DKIM/DMARC and SPF are already defined and verified for your domain.
  2. Make sure your domain's DMARC TXT record has a p=reject or p=quarantine policy. If p=quarantine is set, pct must be set to 100 implicitly (by omitting the pct tag) or explicitly (by setting pct=100).

  3. Confirm your logo:

    • SVG P/P
    • File smaller than 32KB
    • The shape of the image is square.
    • The background is and white.

  4. Upload the image to the service of your choice and save the https:// URL where it is available for later use.

  5. Access DNS records through your domain service provider. If you're not sure how to access your domain records, contact the person or team that manages your website or email address for help.
  6. Create a new TXT record in the default._bimi subdomain. Example. The exact steps to create a subdomain and TXT record depend on your domain provider's service.
  7. Add a value for a TXT record that contains the BIMI version (v=) and location (l=) of the logo file. For example: v=BIMI1
  8. If you have a VMC, include the authority (a=) in the URL of the .pem certificate file. For example: v=BIMI1
  9. Save the new item and wait for it to spread across the internet.
  10. Use the AuthIndicators Groups BIMI Inspector to make sure everything is set up correctly.

BIMI

You Might Also Like