BIMI stands for Brand Indicators for Message Identification. It is an email authentication and verification protocol that allows organizations to display their brand logos next to authenticated emails in supported email clients. BIMI provides a visual cue to recipients that an email is legitimate and helps combat email fraud and phishing attempts.
Here's how BIMI works:
Email Authentication: BIMI relies on existing email authentication protocols like SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance) to verify the authenticity of an email. These protocols ensure that the email is sent from an authorized server and has not been tampered with during transit.
Verified Mark Certificate (VMC): To enable BIMI, organizations need to obtain a Verified Mark Certificate (VMC). A VMC is a digital certificate issued by a trusted Certificate Authority (CA). It links the organization's brand logo with its email domain. The CA verifies the organization's identity and ownership of the logo.
DNS Record: The organization creates a DNS (Domain Name System) record known as a BIMI record. This record includes the location of the organization's logo and references the VMC associated with the domain.
Email Delivery: When the organization sends an email, the recipient's email server checks the email's authentication status using SPF, DKIM, and DMARC. If the email passes authentication, the server looks for the BIMI record in the DNS. If the record is present and valid, the email client retrieves the logo specified in the BIMI record.
Displaying the Logo: If the email client supports BIMI and the email passes authentication, the client displays the organization's logo next to the email in the recipient's inbox. The logo serves as a visual indicator of the email's authenticity.
Please note that BIMI is an evolving standard, and its adoption may vary among email clients and organizations.
Here's how BIMI works:
Email Authentication: BIMI relies on existing email authentication protocols like SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance) to verify the authenticity of an email. These protocols ensure that the email is sent from an authorized server and has not been tampered with during transit.
Verified Mark Certificate (VMC): To enable BIMI, organizations need to obtain a Verified Mark Certificate (VMC). A VMC is a digital certificate issued by a trusted Certificate Authority (CA). It links the organization's brand logo with its email domain. The CA verifies the organization's identity and ownership of the logo.
DNS Record: The organization creates a DNS (Domain Name System) record known as a BIMI record. This record includes the location of the organization's logo and references the VMC associated with the domain.
Email Delivery: When the organization sends an email, the recipient's email server checks the email's authentication status using SPF, DKIM, and DMARC. If the email passes authentication, the server looks for the BIMI record in the DNS. If the record is present and valid, the email client retrieves the logo specified in the BIMI record.
Displaying the Logo: If the email client supports BIMI and the email passes authentication, the client displays the organization's logo next to the email in the recipient's inbox. The logo serves as a visual indicator of the email's authenticity.
Please note that BIMI is an evolving standard, and its adoption may vary among email clients and organizations.