Brand Indicators for Message Identification (BIMI)

There is a lot of fraud and spoofing when it comes to email. How do I know the email you send me is from you and your brand?

Brand Indicators for Message Identification (BIMI)
Send branded e-mails with BIMI.

There is no clear, visual sign that the sender is doing everything to protect the integrity of their emails. A new initiative called Brand Indicators for Message Identification (BIMI) is about to improve this. A company is allowed to use a logo in the receiver's inbox when they have checked a number of security and privacy boxes (DMARC compliancy).

In order to do have such a logo displayed, the company must be registered, and they need to buy a digital certificate called Verified Marc Certificate (VMC).

Brand indicators at work
Brand indicators at work

My personal experience with BIMI

I wanted to set up a BIMI logo and played around. I first increased the level of strictness on DMARC (quarantine) and then generated a BIMI-record. There were some warnings and hoped it would still be enough to qualify. I inserted the information in a text record for DNS and started validating.

Certificate (VMC)

Then I find out I needed to request an actual certificate. And for such a certificate is a waiting list. I put myself on the list. If you are interested, you can maybe start with the waiting list for the Verified Marc Certificate. The costs are substantial, though. An annual certificate costs $1299.


Displaying a logo with an email can be a strong defender against fishing, it increases brand trust and visibility, but by design it is also hard to acquire and use the logo. There are many e-mail clients out there and so it is hard to force visibility rules you can communicate.

Update October 2022. With the release of iOS16 and MacOS Ventura the Mail App from Apple also supports email sender branding. I can't help noticing that not a lot of companies use BIMI yet.
BIMI Inspector - BIMI Group
* BIMI Validation may send data to a third party