Brand Indicators for Message Identification (BIMI)

From InboxSys document library
Jump to navigation Jump to search


Brand Indicators for Message Identification, or BIMI, is a specification allowing for the display of brand logos in the inbox. BIMI is currently an RFC draft.

Prerequisites

BIMI requires a valid and passing DMARC record, with the policy set to either "reject" or "quarantine".

DNS record

A BIMI DNS record is set on a subdomain named default._bimi. It contains the following elements:

  • A BIMI version (Currently only BIMI1 is available).
  • A link to a BIMI logo.
  • Optional: A link to a BIMI certificate (VMC or CMC).

BIMI DNS records looks like this: 

$ host -t txt default._bimi.example.com
default._bimi.example.com descriptive text "v=BIMI1; l=https://example.com/logo.svg; a=https://example.com/image/certificate.pem;"

The logo that's included in the "v"-switch of the BIMI DNS record should comply to the folowing:

  • It must be in SVG (Tiny P/S) format.
  • The "version" attribute must be set to "1.2"
  • A <title> element must be included that reflects the company name.
  • A <desc> (i.e. the "description") element is not required, but this should be included to support accessibility.
  • The image must be sqare. Length and width should have the same value.
  • The image size shouldn't exceed 32 Kb.
  • No external links or references (other than to the specified XML namespaces) should be included.
  • No scripts, animation, or other interactive elements should be included.
  • No "x=" or "y=" attributes should be included within the <svg> root element.
  • The image should not have a transparent background.

BIMI certificate

The optional BIMI certificate is used to digitally sign the logo and the senderdomain. It contains other elements, such as an organisation name, a list of domains signed by this certificate and an expiration date. There are 2 types of certificate: VMC and CMC. CMC certificates are slightly less expensive than VMC certificates. They are issued by certification authorities (Entrust or DigiCert) recognized by the BIMI Working Group. 

It is not possible to create valid VMC or CMC certificates with a free service such as Letsencrypt.

Difference between VMC and CMC certificates

VMC vs. CMC
Requirement VMC CMC
Trademark Registration Yes No
Logo in use Can be used immediately Must have been in use since 1 year

BIMI adoption by ISPs

Email clients supporting BIMI
Client VMC CMC Self-Asserted Comment
AOL / Yahoo! No No Yes Only for bulk messages from high-reputation domains
Apple Mail Yes No No
Fastmail No No Yes
Gmail Yes Yes No Only VMC certificates get a blue checkmark.
La Poste Yes No Yes Domains without VMCs must be submitted and manually verified by La Poste.

Useful links

Retrieved from "https://docs.inboxsys.com/index.php?title=Brand_Indicators_for_Message_Identification_(BIMI)&oldid=361"