What is a BIMI record?

A BIMI record, which stands for Brand Indicators for Message Identification, is a DNS (Domain Name System) record that allows organizations to display their brand logos next to their emails in the recipient’s email client. BIMI is designed to enhance email security and authentication by requiring organizations to implement both SPF (Sender Policy Framework) and DKIM (Domain Keys Identified Mail) authentication, as well as providing a visual indicator of the sender’s authenticity.

How BIMI works

Authentication: To qualify for BIMI, an organization must have SPF and DKIM properly configured for their email sending domains. These authentication methods ensure that the organization’s emails are legitimate and have not been tampered with.
BIMI Record: The organization publishes a BIMI record in their DNS settings. This record contains information about the location of the organization’s logo image and specifies the requirements for logo display.
Logo Display: When an email is received by a recipient’s email client, the client checks for the presence of a valid BIMI record. If the email passes SPF and DKIM checks and a valid BIMI record is found, the client can display the organization’s logo alongside the email in the recipient’s inbox.

BIMI aims to provide recipients with a visual cue that an email is not only authenticated but also from a recognized and trusted source. This can be particularly useful in combating phishing and spoofing attacks, as users are more likely to interact with emails from recognized and trusted brands.

It’s worth noting that BIMI adoption may vary among email clients and service providers. Organizations interested in implementing BIMI should carefully follow the technical specifications and guidelines provided by the BIMI standard and work with their email service providers to ensure proper configuration and support.