BIMI and Verified Logos: How to Get Them and Why It Matters
BIMI puts your brand logo next to your email in supported inboxes. Done right, it lifts open rate and protects against impersonation. Here is the full path.
BIMI (Brand Indicators for Message Identification) is the standard that lets supported email clients display your verified logo next to your messages. It launched commercially in 2021 with Yahoo, then Gmail in 2022, then Apple Mail in 2023, and is now the most visible deliverability signal a brand can earn. If your logo is in the inbox row, you look like a real sender. If not, you look like every other anonymous notification.
This article walks through what BIMI actually is, what you need to deploy it (the answer surprises most teams), and how to handle the trickiest piece — the Verified Mark Certificate (VMC).
What BIMI Is and Is Not
BIMI is a TXT DNS record that points to a logo file plus, in many cases, a Verified Mark Certificate. Supported mail clients fetch the record, verify the certificate, and display the logo if everything checks out.
BIMI is not:
- A deliverability boost in itself (it only displays if you already authenticate well).
- A guarantee of inbox placement.
- Available to senders without strict DMARC enforcement.
The Prerequisites
To deploy BIMI you need, in order:
- SPF passing and aligned.
- DKIM passing and aligned.
- DMARC at policy
p=quarantineorp=reject, withpct=100.p=nonedoes not qualify. - A logo in SVG Tiny PS 1.2 format, hosted on HTTPS.
- For Gmail and Apple Mail: a Verified Mark Certificate (VMC) tied to a registered trademark.
⚠️ Warning: Yahoo accepts BIMI without a VMC. Gmail and Apple Mail require one. If you skip the VMC your logo only shows in Yahoo — a small fraction of users.
Step 1: Reach DMARC Enforcement
Most senders fail at this step. They have SPF and DKIM passing but DMARC sits at p=none because shifting to quarantine is scary. BIMI forces the issue. Plan a 3-month DMARC rollout:
- Month 1:
p=none, collect aggregate reports, identify every legitimate sender of your domain. - Month 2:
p=quarantine; pct=25, increase to 50, then 75, then 100. - Month 3:
p=quarantine; pct=100, monitor, then optionally move top=reject.
Step 2: Prepare the Logo
BIMI requires SVG Tiny PS 1.2 — a strict subset of SVG with no scripts, no external references and no animations. Specific rules:
- Square aspect ratio (1:1).
- Only one root
<svg>element. - Must include
baseProfile="tiny-ps". - Must include
<title>matching your brand name. - No
<image>,<foreignObject>, no script tags, no external fonts. - File size under 32 KB.
<svg xmlns="http://www.w3.org/2000/svg" version="1.2" baseProfile="tiny-ps"
viewBox="0 0 64 64">
<title>Target SMTP</title>
<rect width="64" height="64" rx="12" fill="#0F172A"/>
<path d="M16 32 L32 16 L48 32 L32 48 Z" fill="#F8FAFC"/>
</svg>Host it at a stable HTTPS URL. Use a CDN that supports the correct MIME type (image/svg+xml).
Step 3: The VMC
A Verified Mark Certificate is issued by two CAs: DigiCert and Entrust. They cost about $1,500/year. To get one you need:
- A registered trademark for the logo (Madrid Protocol, EUIPO or USPTO).
- Active for at least 12 months before VMC issuance.
- The trademark registration document.
- An organisation validation (company exists, you have authority to act).
The trademark requirement is the kill criterion for most small brands. Many SaaS startups have wordmarks but never registered the logo as a separate trademark. Plan 6-12 months ahead.
💡 Tip: From early 2024 a Common Mark Certificate (CMC) is available, accepting marks that have been in commercial use for 12+ months without trademark registration. It is cheaper but only some clients honour it.
Step 4: Publish the BIMI Record
default._bimi.example.com. IN TXT "v=BIMI1; l=https://cdn.example.com/logo.svg; a=https://cdn.example.com/vmc.pem"Two parts:
l=: URL to the SVG.a=: URL to the VMC.
If you have no VMC, omit a=. Only Yahoo will show the logo.
Step 5: Verify
Use the BIMI Inspector at bimigroup.org or check via dig:
dig +short TXT default._bimi.example.comSend a test email to yourname+test@gmail.com and a Yahoo address. Wait 10-60 minutes for the cache to update.
Per-Subdomain BIMI
You can publish different logos per subdomain. Useful for brand portfolios: shop.example.com uses the consumer logo, support.example.com uses the corporate logo.
default._bimi.shop.example.com. IN TXT "v=BIMI1; l=...shop.svg; a=..."
default._bimi.support.example.com. IN TXT "v=BIMI1; l=...corp.svg; a=..."Is It Worth It?
The math varies. For consumer brands sending high-volume notifications (banking, retail, travel), BIMI typically lifts open rate 5-15% and reduces phishing impersonation complaints. For B2B SaaS sending under 100k/month, the lift is real but smaller (2-5%) and you may struggle to justify the VMC cost.
The non-monetary upside: BIMI forces you to reach DMARC enforcement, which prevents impersonation regardless of whether the logo shows.
Common Failure Modes
| Problem | Symptom | Fix |
|---|---|---|
| SVG too permissive | Logo does not display in Gmail | Validate against Tiny PS spec |
| VMC expired | Logo vanishes overnight | Annual renewal calendar |
DMARC at p=none | BIMI never activates | Move to p=quarantine |
| Subdomain misalignment | Some campaigns show logo, others do not | Publish BIMI on the sending subdomain |
The Practical Recommendation
If you ship more than 200k/month to consumer recipients and have a trademark or can register one, BIMI pays for itself in inbox lift and brand trust within a year. If you ship only to B2B, deploy BIMI without the VMC for Yahoo coverage and revisit when you hit higher volume.
Target SMTP guides every domain through the DMARC enforcement ramp required by BIMI and verifies the SVG and VMC at the DNS level. The Send-Time Firewall can also block a send when DMARC has unexpectedly fallen back to p=none, preventing a silent BIMI deactivation from happening mid-campaign.