How to Create and Publish a BIMI Record?
In order to implement BIMI, you first need to enforce your existing DMARC policy by setting it to either reject or quarantine.
After successfully enforcing DMARC you can avail of the advantages of BIMI in your organization’s email domain! Similar to any other email authentication standard, BIMI resides in your domain as a text (TXT) record.
The BIMI record(s) resides in the “_bimi” space of your DNS with the default BIMI record being “default._bimi”. The text part holds the identifier of the record version (v=BIMI1),URL to the logo (l=),and URL to the logo certificate (VMC) if available (a=).
A complete BIMI record would look like the following:
default._bimi IN TXT “v=BIMI1;l=https://url.to/your.file.svg;a=https://url.to/certificate.pem”
What are the Key Requirements for BIMI?
Domain owners should note that they need to meet certain key requirements before configuring BIMI for their domains. They are as follows:
- For BIMI to function, DMARC enforcement is a mandatory requirement. Make sure that you configure a DMARC policy of p=reject/quarantine
- The next step is to have your BIMI complaint brand logo in place. According to the BIMI logo, the correct SVG file format is SVG Tiny 1.2
- The display of your BIMI logo is ultimately in the hands of your mailbox provider, so make sure BIMI is supported by your participating mailbox providers
- Finally, implement BIMI for your domain by publishing your BIMI DNS record
How to Create a BIMI DNS Record?
Use an online BIMI record generator to start creating your BIMI record. These tools are free for use and will expedite the process and make it error-free.
For creating and publishing your BIMI record, start by identifying your root domain. This is the domain that would appear as the sender of your emails. Considering your domain name is domain.com, the next step should be creating your BIMI selector. Similar in function to DKIM selectors, a BIMI selector is rendered by receiving servers to extract your BIMI record during a DNS lookup.
Note: It is not mandatory to define a selector name, as you can go with the default selector. However, if you operate several brands located on subdomains and want to render a different BIMI logo for each of them, then you need to manually configure a BIMI-selector header to make that possible.
Using the BIMI record generator tool, enter your domain name, upload the URL of your BIMI-compliant SVG Tiny 1.2 logo, and the URL of your VMC certificate (optional but recommended),and hit the generate button to create your record.
BIMI Record Examples
BIMI record without VMC:
BIMI record with VMC:
Note: If you have not created your BIMI selector name, the name will be kept as “default”, in which case the value for your “host” field will be “default._bimi.domain.com”. Also, your VMC certificate is optional but highly recommended to verify ownership of your logo.
Publishing Your BIMI Record
To publish your record you need access to your DNS management console
- Login to your DNS management console
- Click on Advanced DNS Editor
- Create a new TXT record
- Paste your record value like in the example shown above and save changes. It may take your DNS a few hours to process the changes.
What is SPF? Free2 m
Video Introduction to SPF Free1 m 41 s- A Brief History of SPF Free1 m
- How does SPF work? Free2 m
- SPF Tags: Syntax of an SPF Record Explained Free3 m
- How to create and publish SPF records? Free2 m
- SPF Authentication Failures Free3 m
- Video Explanation: SPF PermError Free1 m 39 s
Quiz 430 m
- What is DMARC? Free1 m
- Video Introduction to DMARC Free1 m 15 s
- A Brief History of DMARC Free1 m
- How does DMARC work? Free2 m
- What is DMARC Policy? : None, Quarantine & Reject Free2 m
- Video Explanation: DMARC Policy Free1 m 40 s
- DMARC Tags Free2 m
- DMARC Aggregate (RUA) Reports Free3 m
- DMARC Forensic (RUF) Reports Free2 m
- How to Create and Publish a DMARC Record? Free3 m
- DMARC Authentication Failures Free3 m
- Video Explanation: Why does DMARC Fail? Free1 m 37 s
- Quiz 630 m