Friday, July 17, 2020

Show your company logo next to your company’s email subjects (BIMI)


This is called BIMI which stands for Brand Indicators for Message Identification.

From Litmus.com’s post:
BIMI is essentially a text file. That text file follows a specific format and lives on your sending servers.
When a message is delivered, the recipient’s email service looks up the BIMI text file—and where it’s hosted—to ensure that the message can be verified. Once verified, the BIMI file tells the email service where to find the sender’s logo and the email service pulls that logo into the inbox.



Please note: logo must be in SVG format and u need SPF, DKIM and DMARC authentication records already setup.

About these records:


DMARC authentication is required for BIMI to work (this prevents emails from going to spam + other security threats related to emails). Which is comprised of the following:
  • SPF (Sender Policy Framework): specifies sender's trusted IP addresses
  • DKIM (DomainKeys Identified Mail): sends an encrypted key to recipient to validate sender's signature
  • This means both SPF and DKIM validates sender's authenticity separately
  • DMARC (Domain-based Message Authentication Reporting and Conformance): instructs receiving email clients/services on how to deal with invalid emails by setting different rules or policies.

 

Steps to add a BIMI record

 

Step 1 

Find out if your site has the required DMARC records already setup: https://www.agari.com/insights/tools/bimi/

If your site already has DMARC, go to step 5. If not, then go to step 2:

Step 2 

Create an SPF record. See instructions here: https://www.validity.com/how-to-build-your-spf-record-in-5-simple-steps/#docs-internal-guid-770769dd-c297-6553-ae11-3aef60dc95db

Step 3

Create a DKIM record. This is where you generate private and public key pairs for each of the specified "selectors" or email categories. See instructions and details here: https://blog.mailtrap.io/create-dkim-tutorial/

Step 4 

Create a DMARC auth record policy (highly recommend to read entire post): https://aritic.com/blog/aritic-mail/create-dmarc-record/

Here's an example of the different options provided by DMARC tags (for more info on DMARC tags, see "Anatomy of a DMARC resource record in the DNS" here: https://dmarc.org/overview/)
  • Accept all email = none
  • Send email that fails validation to spam = quarantine
  • Reject all invalid email = reject
Please note: Initially, DMARC does not send email to spam or rejected and instead sends forensic reports to fine tune the set policies. Then after, you're allowed to reject all invalid email if you choose to.

Important: you need to make sure the domain names used in outgoing email headers match one of the domains previously specified in the DKIM signature.

Step 5 

Create a perfectly squared logo in SVG format. Should only contain the logo, without any additional text.

Step 6 

Store the logo in your server

Step 7 

Generate the BIMI record here: https://www.agari.com/insights/tools/bimi/

Step 8 

Update DNS records by adding the generated BIMI record (host name for the BIMI record should be yourselector._bimi.yourdomainname.com)

Please note: if you want to change the image’s location, you will have to update the DNS record appropriately

Step 9 

Confirm the BIMI record has been properly saved: https://www.agari.com/insights/tools/bimi/ 

That's it!
Posted by at
Labels: , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)