BIMI Record: Enhancing DMARC and Reinforcing Email Authenticity

The ever-evolving world of cybersecurity has given rise to numerous sophisticated standards and practices to fortify online communication. One such promising development is the Brand Indicator Message Identification (BIMI) Record. Currently in beta testing, BIMI is a type of DNS Record that, when applied, displays a company's logo within the recipient's email inbox, contingent on the email's legitimacy.

BIMI Record: The Concept

The concept of BIMI Record stems from an industry-wide effort to utilize brand logos as trust indicators, enabling email recipients to swiftly recognize and dismiss fraudulent messages. A handful of brands under Oath, including Yahoo! and AOL, are presently testing this concept, offering their mailbox users a unique opportunity to interact with this emerging standard.

If this standard successfully transcends its beta phase and achieves full fruition, it stands to benefit both businesses that send emails and all individual users of email. The implementation of BIMI Records would offer email users a robust tool to visually identify potential phishing or spam emails disguised as legitimate businesses. Simultaneously, businesses would accrue several benefits, including:

  1. Brand visibility: The logos of brands will be displayed prominently in their audience's inboxes, drawing positive attention at minimal cost.

  2. Enhanced delivery rates: Businesses can improve their delivery rates by adopting DMARC, subsequently reducing spam classifications.

The Inner Workings of BIMI Records

Most of today's email interfaces display a brand's initials within customers' inboxes as an identifier (e.g., 'R' for Redbox, 'DT' for Discount Tire). However, BIMI Records aim to elevate this trust factor by replacing these initials with the brand's actual logo. By publishing a BIMI Record via a DNS Record, brands can ensure their logo is integrated into every email sent from their domain, fostering recognition and confidence among recipients.

BIMI Records and DMARC: A Unified Approach

BIMI's implementation is contingent on the presence of DMARC authentication on the domain. In many respects, BIMI is seen as an extension of DMARC. Both protocols significantly contribute to ensuring a domain's message delivery and combat phishing and spoofing attempts. Therefore, the prerequisites for publishing BIMI Records include setting up DMARC and ensuring its smooth operation for the domain.

BIMI Certificates: A Prerequisite for Visual Trust

One of the key components of implementing BIMI is the acquisition of a Verified Mark Certificate (VMC). A VMC is a digital certificate that verifies the authenticity of the logo that will be displayed in your email. This certificate acts as a digital seal of approval for your logo, linking it to your domain and thus ensuring that the logo being displayed is indeed yours.

Who needs these certificates? Every company that wishes to use BIMI and display their logo in email clients requires a VMC. Without this certificate, the BIMI implementation will not be complete, and the logo won't be displayed.

Certain email clients may still display logos without a VMC, but this is not guaranteed and it isn't a standardized practice. Gmail, for instance, initially only showed logos for BIMI records that were accompanied by a VMC. Hence, for a full and reliable BIMI implementation, the VMC is crucial.

As for the cost, this can vary depending on the issuing Certificate Authority (CA). There are a few Certificate Authorities in the market that are authorized to issue VMCs. These include DigiCert and Entrust Datacard. The cost can range from a few hundred to a few thousand dollars per year. It's essential to reach out to these CAs directly to get a precise quote based on your specific needs.

Keep in mind that having a VMC and implementing BIMI are steps towards enhancing your brand's trustworthiness and visibility in the world of digital communication. It's an investment in your brand's online security and authenticity. The returns, in terms of brand recognition and increased email deliverability, can be significant.

To explore this exciting new frontier in email security further or to implement BIMI in your own business operations, we welcome you to reach out to us at info@alexshakhov.com. Our team is here to guide you through this evolving landscape, ensuring your brand stands out in the right way and your communications are secure.

Previous
Previous

What is the Sender Policy Framework (SPF)?

Next
Next

SH Consulting: Our Email Server Configuration Process