Brand Indicators for Message Identification (BIMI): Difference between revisions
mNo edit summary |
No edit summary |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 10: | Line 10: | ||
BIMI requires a valid and passing [[DMARC]] record, with the policy set to either "reject" or "quarantine". | BIMI requires a valid and passing [[DMARC]] record, with the policy set to either "reject" or "quarantine". | ||
=DNS | =DNS record= | ||
A BIMI DNS record is set on a subdomain named '''default._bimi'''. It contains the following elements: | A BIMI DNS record is set on a subdomain named '''default._bimi'''. It contains the following elements: | ||
| Line 25: | Line 25: | ||
</pre> | </pre> | ||
==BIMI | ==BIMI logo== | ||
The logo that's included in the "v"-switch of the BIMI DNS record should comply to the folowing: | The logo that's included in the "v"-switch of the BIMI DNS record should comply to the folowing: | ||
| Line 40: | Line 40: | ||
* The image should not have a transparent background. | * The image should not have a transparent background. | ||
==BIMI | ==BIMI certificate== | ||
The optional BIMI certificate is used to digitally sign the logo and the [[RFC5322.From|senderdomain]]. It contains other elements, such as an organisation name, a list of domains signed by this certificate and an expiration date. There are 2 types of certificate: '''VMC''' and '''CMC'''. CMC certificates are slightly less expensive than VMC certificates. They are issued by certification authorities (Entrust or DigiCert) recognized by the [https://bimigroup.org/ BIMI Working Group]. | The optional BIMI certificate is used to digitally sign the logo and the [[RFC5322.From|senderdomain]]. It contains other elements, such as an organisation name, a list of domains signed by this certificate and an expiration date. There are 2 types of certificate: '''VMC''' and '''CMC'''. CMC certificates are slightly less expensive than VMC certificates. They are issued by certification authorities (Entrust or DigiCert) recognized by the [https://bimigroup.org/ BIMI Working Group]. | ||
| Line 61: | Line 61: | ||
|} | |} | ||
=BIMI | =BIMI adoption by ISPs= | ||
{| class="wikitable" | {| class="wikitable" | ||
| Line 76: | Line 76: | ||
| Yes | | Yes | ||
| No | | No | ||
| | | No | ||
|- | |- | ||
! scope="row"| Fastmail | ! scope="row"| Fastmail | ||
| Line 90: | Line 90: | ||
|- | |- | ||
! scope="row"| La Poste | ! scope="row"| La Poste | ||
| | | Yes | ||
| No | | No | ||
| Yes | | Yes | ||
Latest revision as of 04:32, 1 February 2025
Brand Indicators for Message Identification, or BIMI, is a specification allowing for the display of brand logos in the inbox. BIMI is currently an RFC draft.
Prerequisites
BIMI requires a valid and passing DMARC record, with the policy set to either "reject" or "quarantine".
DNS record
A BIMI DNS record is set on a subdomain named default._bimi. It contains the following elements:
- A BIMI version (Currently only BIMI1 is available).
- A link to a BIMI logo.
- Optional: A link to a BIMI certificate (VMC or CMC).
BIMI DNS records looks like this:
$ host -t txt default._bimi.example.com default._bimi.example.com descriptive text "v=BIMI1; l=https://example.com/logo.svg; a=https://example.com/image/certificate.pem;"
BIMI logo
The logo that's included in the "v"-switch of the BIMI DNS record should comply to the folowing:
- It must be in SVG (Tiny P/S) format.
- The "version" attribute must be set to "1.2"
- A <title> element must be included that reflects the company name.
- A <desc> (i.e. the "description") element is not required, but this should be included to support accessibility.
- The image must be sqare. Length and width should have the same value.
- The image size shouldn't exceed 32 Kb.
- No external links or references (other than to the specified XML namespaces) should be included.
- No scripts, animation, or other interactive elements should be included.
- No "x=" or "y=" attributes should be included within the <svg> root element.
- The image should not have a transparent background.
BIMI certificate
The optional BIMI certificate is used to digitally sign the logo and the senderdomain. It contains other elements, such as an organisation name, a list of domains signed by this certificate and an expiration date. There are 2 types of certificate: VMC and CMC. CMC certificates are slightly less expensive than VMC certificates. They are issued by certification authorities (Entrust or DigiCert) recognized by the BIMI Working Group.
It is not possible to create valid VMC or CMC certificates with a free service such as Letsencrypt.
Difference between VMC and CMC certificates
| Requirement | VMC | CMC |
|---|---|---|
| Trademark Registration | Yes | No |
| Logo in use | Can be used immediately | Must have been in use since 1 year |
BIMI adoption by ISPs
| Client | VMC | CMC | Self-Asserted | Comment |
|---|---|---|---|---|
| AOL / Yahoo! | No | No | Yes | Only for bulk messages from high-reputation domains |
| Apple Mail | Yes | No | No | |
| Fastmail | No | No | Yes | |
| Gmail | Yes | Yes | No | Only VMC certificates get a blue checkmark. |
| La Poste | Yes | No | Yes | Domains without VMCs must be submitted and manually verified by La Poste. |