Brand Indicators for Message Identification

Brand Indicators for Message Identification, or BIMI (/ˈbɪmi/), is a specification allowing for the display of brand logos next to authenticated e-mails.

Design

There are two parts to BIMI: a method for domain owners to publish the location of their indicators, and a means for Mail Transfer Agents (MTAs) to verify the authenticity of the indicator.[1][2]

To implement BIMI, companies need a valid DMARC DNS record with a policy of either quarantine or reject, an exact square logo for the brand in SVG Tiny P/S format,[3] and a DNS TXT record for the domain indicating the URI location of the SVG file. The only supported transport for the SVG URI is HTTPS.[1] The BIMI DNS record is in the following format:

default._bimi TXT "v=BIMI1; l=https://example.com/image.svg; a=https://example.com/image/certificate.pem"

Additionally, services such as Gmail require that a Verified Mark Certificate (VMC) be acquired and presented with the TXT record in order for the brand logo to be displayed in the inbox.[4] These factors alone will not guarantee a BIMI logo will be displayed as heuristics (like spam and spoofing) and reputation will be a key part in BIMI validity.[5]

To query the value of the default._bimi TXT record for a given domain, one can use the Dig command-line tool. For example, the following command will query the TXT record for the example.com domain: dig +short default._bimi.example.com TXT.

Implementations

A working group of several companies named "BIMI Group" has formed to develop and support standardization of BIMI in IETF.[6][7]

As of June 2023 the following e-mail services have implemented support for BIMI:[8]

Email clients supporting BIMI
ClientRequires VMCNotes
AOL MailUnknown [9]
Apple MailYes [10][11]
FastmailNo [12][13]
GmailYes [14][15]
La PosteNo [16]Domains without VMCs must be submitted and manually verified by La Poste.[16]
Yahoo! MailNo [17]Only for bulk emails from high reputation domains.[17]

References
  1. "Brand Indicators for Message Identification (BIMI) Draft". Internet Engineering Task Force. IETF Trust. Retrieved 5 May 2023.
  2. "BIMI Up, Scotty! A look at Brand Indicators for Message Identification (BIMI) Adoption with R and the Alexa Top 1m". Security Boulevard. 2020-02-21. Retrieved 2021-02-08.
  3. "Implementation Guide". BIMI Group. Retrieved 9 February 2021.
  4. "Get your Verified Mark Certificate (VMC) - Google Workspace Admin Help". support.google.com. Retrieved 2023-01-25.
  5. Group, BIMI (2021-09-10). "VMCs Aren't a Golden Ticket for BIMI Logo Display". BIMI Group. Retrieved 2023-01-25.
  6. "BIMI Working Group". BIMI Group. BIMI Group. Retrieved 8 February 2021.
  7. "Google's Gmail Is Getting Support For A New Email Feature That Allows Brands To Display Their Logos In The Avatar Slot". Retrieved 2021-02-08.
  8. "BIMI Support by Mailbox Provider". BIMI Group. Retrieved 2023-06-09.
  9. "BIMI support in AOL Mail". AOL Help. Retrieved 2023-06-09.
  10. "Prepare your email server for BIMI support in Apple Mail". Apple Developer. Retrieved 2023-06-09.
  11. "BIMI Rolling Out to All Apple Inboxes in Fall 2022". BIMI Group. Retrieved 2023-06-09.
  12. "Using BIMI in Fastmail". Fastmail Help Center. Retrieved 2023-06-09.
  13. "BIMI for Non-Trademarked Logos". BIMI Group. Retrieved 2023-06-09.
  14. "Advancing email security for Gmail and beyond with BIMI". Google Workspace Blog. Retrieved 2023-06-09.
  15. "Add a brand logo to outgoing email with BIMI". Google Workspace Help. Retrieved 2023-06-09.
  16. "La Poste Announces Support for BIMI". BIMI Group. Retrieved 2023-06-09.
  17. "BIMI, Mail". Yahoo Developer Network. Retrieved 2023-06-09.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.