BIMI in 2026: Is It Finally Worth Implementing?

BIMI in 2026: Is It Finally Worth Implementing?

BIMI (Brand Indicators for Message Identification) attaches your brand logo to outgoing email so recipients see it directly in their inbox — next to the sender name, before they open the message. The logo replaces the generic initial or auto-generated avatar that most mailbox clients show by default.

It requires DMARC at p=quarantine or p=reject. That prerequisite held most organisations back for years. With Microsoft completing its rollout in 2025 and coverage now reaching the majority of business email, the adoption calculation has changed.

How BIMI Works

BIMI works through two mechanisms: a DNS record that points to your logo file, and an optional certificate that verifies your organisation's identity.

The DNS record sits at default._bimi.yourdomain.com:

default._bimi.example.com.  IN  TXT  "v=BIMI1; l=https://yourdomain.com/logo.svg;"

The l= tag points to an SVG file hosted on your domain — a specific SVG format called SVG Tiny PS that strips out scripting and complex features for security reasons. Most design tools export to this format or close to it; minor manual editing is often needed.

When an email from your domain arrives at a supporting mailbox provider, the provider checks your DMARC record to confirm p=quarantine or p=reject is set, fetches your BIMI record, retrieves the logo, and displays it alongside the sender name.

The optional piece is the VMC (Verified Mark Certificate) — a certificate issued by a certificate authority (currently Entrust or DigiCert) that cryptographically links your logo to your organisation's trademark registration. VMCs are required for Google and some other providers to show the blue verified checkmark alongside the logo. Without a VMC, you get the logo but not the checkmark.

Where BIMI Actually Displays in 2026

Coverage expanded significantly in 2025:

  • Gmail: Supported since 2021. Requires VMC for the verified checkmark.
  • Yahoo Mail: Supported since 2021. VMC required for checkmark.
  • Apple Mail (iPhone/Mac): Supported. No VMC requirement for basic logo display.
  • Microsoft Outlook: Consumer Outlook.com added support in 2024; Microsoft 365 business accounts completed rollout in early 2025. [verify: current Microsoft 365 BIMI status]
  • Fastmail: Supported.
  • Samsung Email: Supported.

The practical upshot: in 2026, BIMI logo display reaches the majority of email clients your recipients are likely using. That's a meaningfully different situation than three years ago, when Gmail and Yahoo support covered perhaps half the market.

The VMC Cost Question

A Verified Mark Certificate costs roughly $1,200-$1,500 per year depending on the certificate authority and your region. [verify: current VMC pricing from Entrust/DigiCert]

For that cost, you get:

  • The verified blue checkmark alongside your logo in Gmail and Yahoo
  • Certificate-based logo display in clients that require VMC
  • A public assertion that your logo is tied to a registered trademark

You also need an active trademark registration to obtain a VMC. That's a non-trivial requirement for early-stage businesses or organisations that haven't trademarked their brand.

The question SMBs should ask: is the incremental trust signal from the checkmark worth $1,200+/year? The honest answer depends on your email volume and audience.

For a high-volume transactional sender — an e-commerce business sending order confirmations, a SaaS platform sending account notifications — the branding benefit is real. Recipients see your logo hundreds of times a year. Phishing attempts using your domain become obviously distinguishable from your authenticated mail.

For a low-volume B2B business sending a few hundred emails a week, the ROI is harder to justify. Your recipients know who you are. Logo display adds recognition but doesn't fundamentally change how they interact with your email.

BIMI Without a VMC

You can implement BIMI without a VMC. The logo displays in Apple Mail and some other clients without certificate verification. Gmail and Yahoo require a VMC for any logo display — without it, they won't show the BIMI logo at all.

So the no-VMC path gives you Apple Mail logo display. Whether that coverage justifies the implementation effort depends on your audience's device mix.

The BIMI record without a VMC omits the a= authority tag:

default._bimi.example.com.  IN  TXT  "v=BIMI1; l=https://yourdomain.com/logo.svg;"

With a VMC, you add the authority tag pointing to the certificate location:

default._bimi.example.com.  IN  TXT  "v=BIMI1; l=https://yourdomain.com/logo.svg; a=https://yourdomain.com/bimi.pem;"

The DMARC Prerequisite

BIMI requires DMARC at p=quarantine or p=reject. This is a hard technical dependency — mailbox providers verify your DMARC policy before displaying any BIMI logo.

If your domain is at p=none, you can't implement BIMI regardless of VMC status or logo preparation. The DMARC enforcement guide covers the path from p=none to p=reject. For most domains, that's a 30-60 day process.

Check your current DMARC status with the free DMARC checker before investing in logo preparation or VMC procurement.

Google's official BIMI requirements page covers the technical prerequisites from Gmail's side in detail.

SVG Logo Requirements

The SVG format requirement trips up most designers. BIMI requires SVG Tiny PS — a subset of SVG that excludes scripts, animations, and certain complex elements.

Practical requirements:

  • Square aspect ratio (1:1)
  • Solid background (transparent backgrounds aren't supported by most providers)
  • No embedded raster images
  • No JavaScript
  • No external references

Most tools export SVG that needs some manual editing to comply. Adobe Illustrator and Inkscape can export compatible files with the right settings. Several online validators check compliance; run your file through one before publishing the BIMI record.

SimpleDMARC's BIMI setup tooling validates your SVG and BIMI record configuration in the dashboard.

Who Should Implement BIMI Now

High-volume consumer senders: E-commerce, financial services, healthcare platforms, SaaS with large user bases. The branding reinforcement at scale and the phishing differentiation are worth the VMC cost.

Brands with active phishing threats: If attackers regularly spoof your domain, BIMI gives recipients a visual cue that distinguishes your authenticated mail from phishing attempts. This is particularly valuable in financial services and healthcare.

Organisations already at p=reject: If you've completed DMARC enforcement, BIMI is the natural next step. The hard work — authenticating all your senders — is done. BIMI adds relatively little incremental effort.

Who can wait: SMBs with low email volume, B2B organisations whose recipients know them well, and any domain not yet at p=quarantine or p=reject. Fix DMARC enforcement first.

FAQ

Does BIMI improve email deliverability?
BIMI itself doesn't directly affect whether your email reaches the inbox — that's determined by your sending reputation, authentication, and content. However, BIMI requires DMARC enforcement, and domains at p=reject have stronger authentication signals that can correlate with better deliverability. The logo display also increases brand recognition, which may improve open rates over time, though this is indirect.

How long does BIMI implementation take?
Once DMARC is at p=quarantine or p=reject, BIMI implementation typically takes one to three weeks. The main time sink is logo preparation (SVG Tiny PS format compliance) and VMC procurement (verification of trademark registration by the certificate authority). The actual DNS record takes minutes to publish.

Is my trademark registration required for a VMC?
Yes. Certificate authorities that issue VMCs require proof of an active trademark registration for the logo you're submitting. If your brand isn't trademarked, you can still publish a BIMI record and show a logo in clients that don't require VMC verification (like Apple Mail), but you won't be eligible for the Gmail/Yahoo verified checkmark.

What happens if I update my logo?
You need to update the SVG file at the URL in your BIMI record, obtain a new VMC that covers the updated logo, and update the a= tag in your BIMI DNS record. VMCs are tied to the specific logo file they were issued for. Plan logo updates with this process in mind.

Can subdomain email use the root domain's BIMI record?
Yes, by default. The BIMI specification follows DMARC's subdomain inheritance model. If you send email from mail.example.com, it can use the BIMI record at default._bimi.example.com. If you need a different logo for a subdomain, publish a separate BIMI record at default._bimi.mail.example.com.


Check whether your domain meets the DMARC prerequisite for BIMI at simpledmarc.com/tools/dmarc-checker. If you're not yet at p=quarantine, that's the first step.