Home/Knowledge Hub/BIMI: Show Your Logo Beside Emails and Build Trust
← Back to Knowledge Hub

BIMI: Show Your Logo Beside Emails and Build Trust

Email SecurityDeliverability·June 3, 2026·5 min read

BIMI displays your brand's logo in supported inboxes like Gmail and Yahoo. It uses DMARC and certificates to prove authenticity, increasing trust and open …

What Is BIMI

You open your inbox and see an email from a well-known retailer. Their logo sits right next to the sender name, making it instantly recognizable. That’s BIMI at work.

BIMI stands for Brand Indicators for Message Identification. It’s a standard that lets email senders display their brand logo in supported email clients (like Gmail, Yahoo, and Apple Mail) right beside the “From” field. But there’s a catch: the logo only appears after strict security checks are passed. Think of it as a verified badge for your email — it tells recipients, “This message is genuinely from us.”

To show a logo, you must prove two things: that your domain truly controls the email (via DMARC) and that you own the logo (often via a verified certificate). Once you’ve satisfied those checks, your logo becomes a trust signal that stands out in crowded inboxes.

Real-World Analogy

BIMI is like the little “verified” checkmark on social media profiles — an indicator that the account is authentic. Just as the checkmark only appears after the platform confirms your identity and you meet its criteria, your email logo appears only after receiving servers confirm your domain’s authentication and verify that you control the logo. No checkmark? No logo.

How BIMI Works

Layer 1: Plain English

Here’s what happens step by step when you send a marketing email from your domain, and the receiving inbox decides whether to show your logo.

Before your logo can even be considered, the email must pass strict identity tests. First, your domain’s DMARC policy acts like a bouncer, telling the receiving server, “Only trust emails that pass SPF or DKIM checks, and if they don’t, quarantine or reject them.” If your DMARC is set to “p=none” (meaning no enforcement), BIMI won’t activate — the door stays locked. If the email passes DMARC, the server then looks up a special DNS record at a specific subdomain (imagine a public directory listing). That record contains the web address of your logo file and, optionally, a digital certificate that proves you own the logo. The server checks the certificate’s validity and confirms the logo matches strict formatting rules (like being a square SVG of a certain type). If everything lines up, the logo appears. If any step fails — DMARC too soft, record missing, logo oversized — no logo shows.

In short: strong DMARC + valid BIMI record + correct logo + ownership proof = your logo shines beside your emails.

Technical Details
BIMI record location: as a TXT record
Record value format:
is the version identifier
points to the logo file (must be an SVG Tiny PS, square aspect ratio, centered image, no external resources, under 32KB)
points to the Verified Mark Certificate (VMC) PEM file, required by Gmail and others, issued by a certificate authority after trademark verification
DMARC must have or on the organizational domain; subdomain policy (sp) alone is not enough
SVG specifics: must use the SVG Tiny 1.2 profile, contain only vector graphics, no scripts, and must not reference external fonts or images

Why It Matters for Your Business

When BIMI is configured correctly, every email your team sends — marketing campaigns, sales follow-ups, support replies — arrives with your logo, making your messages instantly recognizable and credible. This visual trust mark can increase open rates and reduce the chance that customers mistake your emails for spam or phishing attempts.

If BIMI is missing or set up incorrectly, your emails blend in with every other gray plain-text sender. For a brand that’s frequently impersonated, the absence of a logo can actually hurt; customers learn to doubt messages without that visual cue, even legitimate ones. Lost trust means lost opens, missed deals, and more support calls from worried users.

Everyone who sends email benefits: marketing sees better engagement, sales builds faster rapport, support appears official and secure, and leadership knows the brand is protected. BIMI isn’t just an IT checkbox — it’s a competitive differentiator that quietly reinforces your brand with every message.

Common Issues and Warning Signs

BIMI is demanding. A single misconfiguration can silently prevent your logo from appearing, and many senders don’t realize something is wrong until they look closely. Even big brands sometimes miss a detail.

Here are the most common warning signs that your BIMI setup needs attention:

Common Issues

Your logo doesn’t show in Gmail or Yahoo, even though you thought BIMI was set up
DMARC policy is still set to “p=none” or not enforced, so BIMI can’t activate
The BIMI DNS record is missing, or it’s at the wrong subdomain (it must be )
The SVG logo file doesn’t meet specifications — not square, not SVG Tiny PS, uses unsupported features, or exceeds the file size limit
A Verified Mark Certificate (VMC) is required by the receiving inbox (like Gmail) but yours is missing, expired, or invalid
A TechSpy scan flags “BIMI record not found” or “DMARC policy too permissive”

How to Fix or Improve BIMI

Getting BIMI working involves a few deliberate steps, but once set, it runs quietly in the background. You control the whole chain — DMARC enforcement, logo design, certificate, and DNS record.

If you manage your DNS directly, follow the steps above. If your IT team, email provider, or agency handles DNS, forward them this list and ask them to set up BIMI with DMARC enforcement ( or ) and a valid VMC. They’ll know exactly what to do.

Not sure if your BIMI is already working? Run a free TechSpy scan to see your BIMI and DMARC status instantly.

<!-- self-check: layer1_readable=true | fix_doable=true | no_padding=true | jargon_expanded=true -->

1Harden DMARC: Make sure your domain’s DMARC policy is set to at least . All legitimate sending sources (your email platform, marketing tools, ticket system) must be properly authenticated with SPF and/or DKIM. If you don’t yet have DMARC, start there first.
2Design your logo as SVG Tiny PS: Create a square vector logo, keep it simple, center it visually, and limit the file size to under 32KB. Use an SVG editor to save it in the required profile — no external font references, no scripts.
3Obtain a Verified Mark Certificate (VMC): For Gmail and most inboxes that demand a certificate, you’ll need a VMC from a certificate authority like DigiCert or Entrust. You must hold a trademark registration for the logo. If you’re only targeting Yahoo or Apple Mail (which don’t require a VMC yet), you could skip this step, but having the certificate future-proofs your BIMI.

- If you don’t have a trademark, talk to your legal team — it’s often worth the effort.

4Create the BIMI DNS record: Log in to your DNS hosting provider, and add a TXT record at the hostname . The record value should be (include the certificate URL only if you have a VMC). Save the record.
5Validate: Use a BIMI validation tool or run a TechSpy scan to confirm the record is found, the logo loads, and DMARC is properly enforced.

See how your domain's configuration stacks up.

Get a free scan — no sign-up, no credit card.

Scan Your Domain Free →