Authentication · 4 min read · WillItInbox Team

BIMI email requirements: DMARC, VMC, CMC, and setup

Review BIMI prerequisites, logo requirements, certificate options, DNS publication, and the limits of mailbox-provider display.


BIMI (Brand Indicators for Message Identification) is the standard that puts your logo next to your name in supporting inboxes. It's the most visible authentication payoff: customers literally see proof your mail is real. The catch is that it requires a strict DMARC posture and, for the major receivers, a paid certificate.

For the prerequisite work, use the authentication hub to connect BIMI readiness with DMARC enforcement, SPF/DKIM alignment, and sender inventory.

Where you'll see BIMI

| Client | Logo display | VMC required |
| --- | --- | --- |
| Gmail (web + mobile) | Yes | |
| Apple Mail (iOS 16+, macOS 13+) | Yes | |
| Yahoo Mail | Yes | |
| Fastmail | Yes | |
| Outlook.com / Microsoft 365 | Limited | |
| ProtonMail | No | |

Table: BIMI support in major mail clients (early 2026).

Prerequisites

  1. DMARC at `p=quarantine` or `p=reject` with `pct=100`. Aggregate reports must be flowing.
  2. A trademarked logo. Generic icons (a circle, a letter mark you don't own) won't pass VMC issuance.
  3. An SVG file following the SVG Tiny PS profile. Roughly: square aspect, no scripts, no external refs, file under 32KB.
  4. Public HTTPS hosting for the SVG and (if you have one) the VMC PEM file.

Preparing the SVG

BIMI is picky about SVGs. The format is SVG Tiny 1.2 Portable/Secure (SVG Tiny PS), which strips anything that could fetch external resources or execute scripts. The fastest path is to export from your design tool, then run the file through bimi-svg-converter or hand-edit it.

  • `viewBox` must be square (e.g. `0 0 100 100`).
  • Width and height attributes must be set, equal, and use the same units as the viewBox.
  • Root element needs `baseProfile="tiny-ps"`.
  • Title element required: `<title>Your Brand</title>` directly inside `<svg>`.
  • No `<script>`, `<a>`, `<image>`, `<foreignObject>`, or external `xlink:href`.
  • Solid background recommended (transparent renders inconsistently in clients).

logo.svg (BIMI-compliant):

```xml
<?xml version="1.0" encoding="UTF-8"?>
<svg xmlns="http://www.w3.org/2000/svg"
     baseProfile="tiny-ps"
     version="1.2"
     viewBox="0 0 100 100"
     width="100"
     height="100">
  <title>Example Brand</title>
  <rect width="100" height="100" fill="#0a0a0a"/>
  <path d="M30 70 L50 30 L70 70 Z" fill="#ffffff"/>
</svg>
```
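
A pre-publication check for the SVG rules listed in this section, as an added example (not code from the original article or from any BIMI tool). The function names are hypothetical, and it covers only the bullets on this page plus the 32KB limit, not the full SVG Tiny PS profile.

```python
import re
import xml.etree.ElementTree as ET

SVG_NS = "http://www.w3.org/2000/svg"
XLINK_HREF = "{http://www.w3.org/1999/xlink}href"
FORBIDDEN = {"script", "a", "image", "foreignObject"}

def local(tag):  # strip the '{namespace}' prefix ElementTree puts on tag names
    return tag.rsplit("}", 1)[-1]

def square_viewbox(value):
    parts = re.split(r"[\s,]+", value.strip())
    try:
        return len(parts) == 4 and float(parts[2]) == float(parts[3]) > 0
    except ValueError:
        return False

def check_bimi_svg(data: bytes) -> list:
    """Return checklist violations; an empty list means every check passed."""
    problems = []
    if len(data) >= 32 * 1024:  # "file under 32KB" from the prerequisites
        problems.append("file is not under 32KB")
    root = ET.fromstring(data)  # run on your own logo file, not untrusted XML
    if root.tag != f"{{{SVG_NS}}}svg":
        return problems + ["root element is not <svg> in the SVG namespace"]
    if root.get("baseProfile") != "tiny-ps":
        problems.append('root lacks baseProfile="tiny-ps"')
    if not square_viewbox(root.get("viewBox", "")):
        problems.append("viewBox is missing or not square")
    w, h = root.get("width"), root.get("height")
    if not w or w != h:  # simplification: compares the attribute strings only
        problems.append("width/height missing or not equal")
    if not any(local(c.tag) == "title" and (c.text or "").strip() for c in root):
        problems.append("no non-empty <title> directly inside <svg>")
    for el in root.iter():
        if local(el.tag) in FORBIDDEN:
            problems.append(f"forbidden element <{local(el.tag)}>")
        href = el.get(XLINK_HREF) or el.get("href") or ""
        if href and not href.startswith("#"):
            problems.append(f"external reference: {href}")
    return problems

# Constructed sample inputs: GOOD mirrors the logo.svg above, BAD breaks the rules.
GOOD = b'''<svg xmlns="http://www.w3.org/2000/svg" baseProfile="tiny-ps" version="1.2"
 viewBox="0 0 100 100" width="100" height="100"><title>Example Brand</title>
 <rect width="100" height="100" fill="#0a0a0a"/></svg>'''
BAD = b'''<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"
 viewBox="0 0 120 100" width="120" height="100">
 <script>1</script><image xlink:href="https://cdn.example/logo.png"/></svg>'''
```

Calling `check_bimi_svg(open("logo.svg", "rb").read())` before uploading catches the most common rejections: a design-tool export that still embeds a raster `<image>` or links an external resource.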

Publishing the BIMI record

BIMI lives at `default._bimi.<domain>` as a TXT record. The `l=` tag points to your SVG; the `a=` tag points to your VMC (PEM file).

DNS record

| Host | Type | Value | TTL |
| --- | --- | --- | --- |
| `default._bimi.example.com` | TXT | `v=BIMI1; l=https://example.com/bimi/logo.svg; a=https://example.com/bimi/vmc.pem` | 3600 |

Table: BIMI record with VMC reference.

The VMC question

A Verified Mark Certificate is a PKI certificate that ties your trademarked logo to your domain. Two issuers: Entrust and DigiCert. Pricing is around $1,500/year. To get one you need a registered trademark for the exact logo (text marks generally don't qualify; figurative marks do).

  • Without a VMC: Fastmail will show your logo. Gmail, Apple, Yahoo will not.
  • With a VMC: All major BIMI-supporting clients display the logo.
  • Trademark requirement: Common marks (a basic geometric shape) usually fail review. Distinctive figurative marks pass.

Verifying

  1. Use the BIMI Group's inspector at bimigroup.org/bimi-generator to validate the SVG and record syntax.
  2. Send a test to a Fastmail or BIMI-supporting account. The logo should appear within minutes.
  3. Send to Gmail (with a VMC). The logo appears in the avatar circle next to the From name.

BIMI readiness sequence

  1. Enforce DMARC: Use quarantine or reject with aligned legitimate mail before publishing BIMI.
  2. Prepare the logo: Host a compliant SVG Tiny PS asset over HTTPS.
  3. Choose certificate evidence: Confirm whether the target providers require a VMC or accept a CMC.
  4. Publish and observe: Add the BIMI record and treat display as provider-controlled, not guaranteed.

Verify the prerequisite policy with the DMARC checker and monitor legitimate sender alignment before enforcement changes.

Last updated June 13, 2026.

Sources reviewed

Factual review: June 13, 2026 by WillItInbox Editorial.
