Master Guide: Obtaining your blue verified Gmail checkmark
This guide was initially written in April 23rd.
In today's fast-paced digital world, authenticity, and credibility matter. It's no surprise then, that since its introduction by Gmail in May 2023, the blue verified checkmark has rapidly become a critical asset for brands and companies seeking to build trust. Acquiring this symbol, however, involves a detailed process, requiring patience and precision.
As business owners and operators ourselves, we understand how critical securing and optimizing email deliverability can be. We've put together this comprehensive guide to help companies from all technical skill levels navigate this pathway successfully. We'll lead you through the following crucial steps:
We understand that, despite all the guidance, the process can sometimes prove challenging. If you find yourself struggling at any stage, remember that our team is always on standby. We're here to help you navigate any issues. So, let's dive into the process together, and get you that blue verified checkmark.
Step 1→ Configuring your DNS and Preparing to set up your BIMI record – laying the necessary groundwork.
To get a more detailed guide on Step 1 - Please consult our dedicated guide on - Configuring your DNS and preparing to Setup your BIMI Record
In this initial stage, we'll lay the groundwork for your verified checkmark by preparing your BIMI records - a technically-intensive step.
BIMI (Brand Indicators for Message Identification) is an ever-evolving email standard and may change over time. To prepare, you'll need:
SPF, DKIM, DMARC, and BIMI are interlinked protocols enhancing email communication security and authenticity. SPF and DKIM verify email origins, DMARC builds on these checks, dictating actions when checks fail, while BIMI, relying on DMARC, visually validates your emails with your logo. These protocols not only secure but also visually enhance your emails, building trust with recipients.
DNS Records: What They Are, Why They Matter, and How to Set Them Up
Simply put, DNS (Domain Name System) records are a crucial part of how the Internet functions; they serve as the Internet's address book. They help connect your website's domain name to the appropriate server IP address, making your website accessible to users.
For protocols like BIMI, you need to add these DNS records to your domain provider's management console. These records, particularly TXT records, carry vital information about your domain for external servers.
Understanding DNS records and their roles, such as connecting your domain name to its IP address for accurate email routing, is a key part of setting up an email authentication protocols like BIMI.
Why set up SPF, DKIM, and DMARC for your domain?
Setting up SPF, DKIM, and DMARC records for your domain is crucial for improving email delivery and trustworthiness. These protocols authenticate your email messages, ensuring they come from a legitimate source. This authentication helps prevent your emails from being flagged as spam or rejected by email servers. By implementing SPF, DKIM, and DMARC, you increase the likelihood of your emails reaching the intended recipients' inboxes.
Understanding Propagation
When adding a new DNS record, bear in mind that it can take up to 48 hours for it to fully propagate across all DNS servers globally. If you're encountering verification hiccups during this period, it's likely due to this propagation period. However, remember, propagation isn't the sole source of potential issues.
If you're curious about your DNS propagation status, use a tool like the one linked below. Keep in mind, though, that propagation times can vary, and delays don't necessarily signal a problem with your record itself.
*Don’t forget to select “DNS” in the drop-down next to domain name
Gathering Your DNS Manager Credentials
To set up your DNS records, you will need to access your DNS Manager. There are two common methods depending on your domain host: signing in directly to the domain host's sign-in portal or logging in via your third-party DNS Manager. These steps ensure smooth access to the necessary settings for managing your domain's DNS configuration.
If you have a website developer or an IT person on your team, they might be the ones managing your domain. Don't hesitate to ask them for this information.
Here are some of the most popular domain hosts:
- GoDaddy
- Google Domain
- Bluehost
- NameCheap
- DreamHost
Most popular DNS Managers:
- Cloudflare
- Google Cloud DNS
- Amazon Route 53
Domain Host DNS Manager
Once you’ve signed in, your domain host provider's dashboard look should similar to this:
You can also use your domain hosting provider’s internal Domain Manager to check out your DNS. Many of them have an interface that looks similar to this:
Third-Party DNS Manager
If you are using a free third-party DNS Manager like Cloudflare, which we highly recommend, your DNS interface would look like this.
Setting up your SPF Record
An SPF record is a line of text that specifies which domains or IP addresses are allowed to send emails on behalf of your domain.
Setting up an SPF (Sender Policy Framework) record for your company's domain is like putting a seal of authenticity on your outgoing emails. It helps prevent others from sending emails pretending to be from your domain. Here are the steps it will take to set it up:
1. Identify the Third Party Services your Company is Using
Make a list of all the mail servers that send emails on behalf of your domain. These could include your company's internal mail servers and any external email marketing services.
You may include either the domain name or the IP address of the third party service in the SPF record. Depending on the specific circumstances. Here's how:
2. Domain name: If a third-party provider is sending mail on your behalf and they have an SPF record published for their own domain, you could use the include mechanism followed by their domain name. This will include their SPF record in your own.
An example of this would be v=spf1 include:thirdpartydomain.com -all, where thirdpartydomain.com is the domain of the third-party mail service.
3. IP Address: If you know the specific IP address or range of IP addresses that the third-party provider uses to send mail, you can specify these directly in your SPF record using the ip4 or ip6 mechanisms.
An example of this would be v=spf1 ip4:192.0.2.0/24 -all, where 192.0.2.0/24 is the IP range used by the third-party provider.
4. Create Your SPF Record
Replace the sample IP addresses in the example with your actual ones. Here's an example SPF record for a domain using
Google Workspace for email (Gmail) example:
v=spf1 include:_spf.google.com ~all
Add include:_spf.domain.com for every third party tool using your domain for sending emails
Once completed
5. Add the SPF Record to Your DNS
Log in to your DNS management interface and add TXT records for your domain like discussed previously. Don’t forget to add @ for root domain and set the TTL to Auto or alternative, use 8 hours if you don’t intend on updating your SPF record often.
6. Test Your SPF Record
After the new record propagates (which may take up to 48 hours), use an online SPF record checker to verify if it's set up correctly. You can use a tool like this one:
Setting up your DKIM DNS record
DKIM (DomainKeys Identified Mail) is a method to verify that the emails you send are genuine and haven't been changed along the way. It works by adding a special digital signature to your email.
Here’s how to set it up:
1. Generate a DKIM Key
You need to create a special key pair. If you use services like Google Workspace for using Gmail with your work email for example, they will provide you with a part of the key called the public key. They will keep the other part, called the private key, secure to sign your outgoing emails.
Example using the Google Workspace Authentication Generator:
2. Add the DKIM record to your DNS
The host for the DKIM record will usually look something like selector._domainkey, where selector is a name you choose (it could be anything like "mail", "google", etc.). The value will be the DKIM value provided by the third party.
Adding a new TXT record to your DNS settings. Use the following example for each value:
The DNS Record creator should look similar to this Cloudflare example:
Test your DKIM
After the DKIM record propagates, you can use an online DKIM record checker to verify that it's set up correctly. Just enter your domain and the selector you used, and it should return your DKIM record.
Remember that this is a simplified guide and actual implementation might differ based on your email service provider. If you are having problems configuring and verifying your DKIM, don’t hesitate to contact us and let our team help you for free (for now!).
Setup DMARC for your Domain
DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email protocol that uses SPF and DKIM to check if an email is legitimately from the domain it says it's from.
Specifically: It tells the receiving email server what to do if the checks fail (like sending a report, quarantining the email, or rejecting the email), and can stop fraudulent emails before they even get to the recipient.
Typically, each service will provide you with a single DMARC record to input into your DNS Manager. Let's say you use Mailjet for marketing emails, Google Apps (Gmail) for user emails, and Hubspot CRM for transactional emails. In this case, each of these services requires its own DMARC TXT record in your DNS manager. This ensures that the DMARC policies are correctly applied and enforced for each specific email service you utilize.
Note that you’ll first need SPF and/or DKIM deployed for a minimum of 48 hours (Propagation!) before you can set up DMARC.
Special Requirements for your DMARC policy settings for BIMI
To enable BIMI, your DMARC policy must meet certain requirements.
- The policy option (p) must be set to either quarantine or reject. BIMI does not support DMARC policies with the p option set to none.
- Additionally, the percent option (pct) must be set to 100 to apply the DMARC policy to all outgoing mail from your domain.
Finally, Here are the steps to set up DMARC for a single service:
1. Create a DMARC policy
Your DMARC policy is a DNS record that tells receiving mail servers how to handle emails from your domain if they fail SPF or DKIM checks. Here's a simple example of a DMARC policy:
In this case, v=DMARC1 specifies the version of DMARC. The p=quarantine tells the mail server to moves suspicious emails into a different folder, like your recipient’s spam folder, instead of the inbox.
rua=mailto:postmaster@example.com specifies that aggregate reports should be emailed to postmaster@example.com.
If you would like to reject suspicious emails outright, you would change p=quarantine to p=reject. However, we recommend using caution when using p=reject as you would need to be absolutely sure to whitelist all of your email sending services.
To be compliant for BIMI, your DMARC record cannot use the p=none policy.
2. Add the DMARC record to your DNS
Add a new TXT record to your DNS settings. The host for the DMARC record will be _dmarc. The value will be the DMARC policy you just created. So, your DNS entry might look like this:
**Type:** TXT**Host:** _dmarc**Value:** v=DMARC1; p=quarantine; [rua=mailto:postmaster@](<mailto:rua=mailto:postmaster@example.com>)getverified.emai**TTL:** 3600 (or your provider's default)
Hit save, then your DMARC record should show up in your DNS record. This can take up to 24 hours to update.
3. Test your DMARC record
After the DMARC record propagates, you can use an online DMARC record checker like the BIMI Inspector to verify that it's set up correctly. Just enter your domain and it should return your DMARC record.
Remember to monitor your DMARC reports regularly, as they will provide valuable insight into whether any malicious entities are attempting to send emails on behalf of your domain.
Checking for an existing BIMI record
You can check if your domain has an existing BIMI record by using the same BIMI Inspector tool. This tool checks for the BIMI record and the BIMI image SVG file associated with your domain and will generate a report with the results of the checks.
If you run into any problems while completing this first step, get your personalized company report with GetVerified for a detailed analysis of the next steps required to obtain your verified Gmail checkmark.
Step 2 → Logo - SVG & Trademark
For more specific instructions on Step 2 - Please consult our dedicated guide on Step 2 → Logo - SVG & Trademark
The second step for obtaining your verified blue Gmail checkmark will consist of you uploading your company logo in a specific SVG format on your public server and securing a trademark for your logo.
The process of creating a BIMI-compliant SVG logo includes multiple technical and design steps that might require the assistance of a specialist.
Obtaining a trademark includes researching existing trademarks to ensure that your logo is unique, filing a trademark application with the appropriate government agency, and waiting for the trademark to be approved.
Latest news: The BIMI standard currently requires a registered trademark for your logo to be eligible for a Verified Mark Certificate (VMC). However, the standard is being expanded to include logos that are not trademarked.
Here’s a breakdown of the different steps:
Step 1 - Obtaining & Configuring Your Company's Logo SVG
- Understand what an SVG is
- Determining if your company logo is already in SVG format
- Converting your logo to an SVG format
- Creating a BIMI-compliant SVG logo
Step 2 - Trademarking Your Logo
- Understanding what a logo trademark is
- Applying for a logo trademark
- Understanding the timeline for trademark registration
- Work with a reputable company to get your logo trademarked
#1 -Obtaining & Configuring Your Company's Logo SVG
Understanding what an SVG is
SVG stands for Scalable Vector Graphics. Imagine a picture you can zoom in on indefinitely without it ever getting blurry, and that's essentially what an SVG is.
This means no matter how much you increase the size of an SVG, it will always look sharp and clear because it stores the image via mathematical formulas and does not stretch pixels.
Here are some of the most popular software programs for creating SVG graphics:
- Adobe Illustrator
- Figma
- Sketch
- Inkscape
Example of increasing the size of an SVG logo that scales perfectly:
Determining if your company logo is already in SVG format
To find out if your company logo is already in SVG format, start by checking where your digital assets are stored. This could be on your company server, a cloud storage platform, or even an email thread from when the logo was first created. The SVG file will end with the extension ".svg" in the filename.
If you're unsure, you can also ask your design team, the design agency or freelancer who originally created your logo, or the person responsible for your company's branding. Any of these sources may still have the original design files and can provide you with the SVG if it was created. It's important to maintain an SVG version of your logo, as it provides flexibility and scalability for different digital applications.
BIMI SVG file requirements and recommendations
To ensure that your logo is verified and can be displayed properly at various resolutions, it must meet BIMI's brand logo requirements. This ensures that your logo passes security checks and can be displayed accurately.
In order to be properly displayed in the recipient's inbox, your SVG file must adhere to certain specifications.
- It must be in SVG Tiny Portable/Secure (SVG Tiny PS) format
- baseProfile attribute of tiny-ps
- version attribute of 1.2
- The <title> element should reflect your organization's name
- The logo should not include external links or references, scripts, animations, or interactive elements.
- The <svg> root element should not include x= or y= attributes.
- To ensure compatibility with email clients that support BIMI, the logo should be centered in a square on a solid color background, have a small file size of no larger than 32 KB, and include a <desc> element for accessibility.
Creating your Brand Logo SVG file
Converting your logo to an SVG format
If your company logo isn't already in SVG format, you'll need to convert it. This process should ideally be carried out by a professional graphic designer to ensure the quality and accuracy of your logo are maintained.
If you're unsure how to proceed, get in touch with our team so we can help!
It is possible to find online tools that claim to automatically convert JPG files to SVG format. However, we strongly advise against using these tools, as the results are usually poor and inaccurate. Here’s an example of a logo that has been automatically converted:
Tips for better results:
- Optimal image presentation is achieved with a square aspect ratio (1:1).
- It's recommended that the image be positioned in the center to ensure ideal visibility in various shapes such as a square, a rounded square, or a circle.
- Using non-transparent backgrounds is advisable due to the inconsistent and unpredictable display outcomes with transparent backgrounds.
Your logo will display in different sizes and formats, so it’s important to consider that when designing your logo:
Make sure your logo is 80px by 80px and that it has padding around it. This ensures that any cropping in different shapes doesn’t affect the design:
Currently, there are no tools available that can create an SVG format file suitable for BIMI that meets all the requirements. Typically, SVG files for BIMI need to be modified manually using a text editor or a special-purpose script.
Here is a useful tool provided by the BIMI organization to help you convert your SVG 1.2 to the SVG P/S format:
https://bimigroup.org/svg-conversion-tools-released/
To obtain a Verified Checkmark, you must have a company logo in a BIMI-compliant SVG format and a trademark for your logo. The logo must be based on the Scalable Vector Graphic (SVG) Tiny 1.2 format specified by the W3C, with fewer allowed elements, and in "SVG Tiny Portable/Secure" (SVG P/S) format supported by BIMI.
Here’s a step-by-step guide on how to create your SVG file using Adobe Illustrator
1. Launch Adobe Illustrator and open your original vector image.
2. Ensure that your vector image doesn't contain bitmaps, external file links, text, or grouped objects. If you have text to preserve as a shape, use the 'Create outlines' option in Illustrator.
3. Click on 'File' and choose 'Save As…'.
4. In the 'Save As' dialog:
- Type the desired filename in the 'Save As' field. Stick to lowercase letters and hyphens, for instance: mybusiness-bimi.svg. Avoid using special characters.
- In the 'Format' drop down menu, choose 'SVG (svg)'. Do not select 'SVG Compressed (svgz)'.
- Hit the 'Save' button
5. In the resulting 'SVG Options' dialog:
- In the 'SVG Profiles' dropdown, choose 'SVG Tiny 1.2'.
- In 'Image Location', opt for 'Preserve'.
6. Click 'OK' to finalize saving the file.
7. Open the file in a text editor like Text Edit on MacOS. You will be editing the first part of the file, which should look like this:
8. Change these items the text file:
- svg version value is 1.2. If it’s not, change it to 1.2.
- base Profile value to tiny-ps.
- x and y attributes and values.
- Add a <title> tag and value as shown in the example in Step 7. The title must come after <svg and before <g>.
9. Once you’re done, verify that the first part of the file appears similar to this:
10. Save your changes to the text file. The file extension must be .svg.
Next, upload the SVG file to your domain’s public web server.
Uploading the SVG file to your public web server
Once your SVG file is ready, the next step is to upload it to your public web server. The exact process may vary depending on your web hosting service, but generally, you would use an FTP (File Transfer Protocol) client or your hosting service's file manager.
In the FTP client or file manager, navigate to the root directory or the desired location where you want to store the SVG file.
Next, locate the SVG file on your local machine and select 'Upload' to transfer it to the server. Make sure the file permissions are set correctly so that it's publicly accessible.
Lastly, verify that the file can be viewed in a web browser by typing the file's URL directly into the browser's address bar. If everything is set up correctly, your SVG logo should now be visible and ready for use on the internet.
The web server must be in the same domain as your outgoing email server. You can do this by adhering to the instructions provided in the Add a BIMI TXT record section, specifically designed for your domain provider.
Your web server should share the same domain as your outgoing email server. This is the specific domain where you will activate BIMI once all the steps have been completed.
Somewhat challenging?
Setting up DMARC and managing email authentication protocols like SPF and DKIM can be technically complex. If you find yourself in need of assistance with these steps, we're here to help. Our experienced team can provide you with the guidance and support you need to properly configure DMARC, SPF, and DKIM for your domain.
Whether you have questions, need clarification, or require hands-on assistance, don't hesitate to reach out to us. Get in touch with our team, and we'll ensure you receive the right pointers to help you establish a robust email authentication setup and get your SVG logo done right.
Step 2 - Trademarking Your Logo
Securing a Verified Mark Certificate (VMC) is crucial. A VMC is a digital certificate given by a certificate authority, serving as proof of your logo's ownership. To qualify for a VMC, your logo must already be a registered trademark.
Latest news: Google has announced changes are underway as the standard is set to broaden its scope to accommodate logos that lack trademark registration.
Understanding what a Logo Trademark is
A logo trademark is a legally recognized and protected design or symbol that distinguishes a company's products or services from those of other entities. It serves as a unique identifier of the company's brand, enhancing its recognizability and establishing trust with customers.
Once a logo is trademarked, it means the company has exclusive rights to use it in relation to its goods or services. Any unauthorized use by other parties can be legally challenged, preventing potential confusion in the marketplace. This protection typically extends to similar logos that could potentially be mistaken for the trademarked logo, depending on the laws of the specific jurisdiction. Trademarking a logo is a critical step in safeguarding a company's brand identity.
Logo trademarks are enforceable per country of registration. Protection is not automatically worldwide. You need to register in multiple countries to have multiple protections.
Before applying for your Logo Trademark
Before applying for a VMC, verify that your logo is a registered trademark on the World Intellectual Property Organization’s (WIPO) Global Brand Database, which provides information on active registered trademarks.
How to Apply for your Logo Trademark for your VMC Certificate
1. Conduct a Trademark Search: As a company with a logo and SVG file ready, your first step is to conduct a thorough trademark search. This ensures that your logo does not infringe upon any existing trademarks. Online resources such as the United States Patent and Trademark Office's (USPTO) Trademark Electronic Search System (TESS) can be used to start your search.
2. Prepare and Submit Your Application: Following the verification of your logo's uniqueness, compile all the necessary information about your logo and the goods or services it represents. You can typically submit your application online via the trademark office's website of your country.
*It is important to verify if your country is recognized by the major VMC issuers. Please contact Digicert or Entrust to make sure you are registering your logo in the right country.
3. Cost and Turnaround Time: Costs of logo trademark application vary depending on the country. In the U.S., it usually ranges from $225 to $400 per class of goods or services. In the UK, it's approximately £200, while in Australia, it's about $250 AUD. Keep in mind that your business might span multiple classes, which will necessitate separate fees for each. The turnaround time also varies, usually ranging from several months to more than a year, based on factors such as logo complexity, objections, and more.
4. Respond to Correspondences: If the trademark office contacts you regarding your application, make sure to respond promptly to prevent your application from being abandoned.
5. Trademark Approval and Maintenance: Upon approval, you'll receive a certificate of registration. To maintain your trademark rights, you need to continuously use your logo in commerce and file the required maintenance documents as dictated by your country's trademark office.
6. Apply for a VMC: With a registered logo trademark, you're now eligible to apply for a Verified Mark Certificate (VMC). This digital certificate, issued by a certificate authority, verifies your legal ownership of the logo.
Timeline for a Logo Trademark Application
The duration it takes to complete a logo registration can vary greatly from one country to another, primarily due to the unique processes, rules, and resources of the respective trademark offices. For instance, in the United States, the process can take anywhere from 8 to 10 months, given no oppositions or queries are raised. The United Kingdom's Intellectual Property Office typically completes the process within 4 months if no objections are raised. In Australia, the trademark registration process generally takes approximately 7.5 months.
However, in India, the process could stretch up to 18-24 months due to the volume of applications and the multi-step process. In the European Union, trademark registration with the EUIPO can take about 5-6 months if there are no objections. Please remember these are approximate durations and actual times may vary depending on a variety of factors including the complexity of your logo, the efficiency of the trademark office, and any objections that might be raised. Always check with your local trademark office for the most accurate information.
Cost of Obtaining Your Logo Trademark
Below is a table that illustrates the cost of obtaining a logo trademark in several major countries around the world. The costs are provided in their respective local currencies:
These figures are based on basic filing fees and can vary depending on a range of factors, such as the number of classes under which you want to register your logo and the specifics of your application. Please check with your local trademark office or a legal professional for the most accurate and current information.
Seems like a lot to do on your own?
We understand this trademarking process can seem like a lot. If you would like us to help, simply fill out our form to Get Your Personalized Report from GetVerified so we can help you through the next steps of obtaining your SVG and trademark.
Step 3→ Obtaining your Verified Mark Certificate (VMC)
To get a more detailed guide on Step 2 - Please consult our dedicated guide on - Step 3→ Obtaining your Verified Mark Certificate (VMC)
The third step of obtaining your blue verified Gmail checkmark is to apply for a Verified Mark Certificate. To be able to do that, you need to have Step 2 completed.
What will be covered in Step 3?
- What is a Verified Mark Certificate (VMC)?
- Applying for a VMC
- Understanding the Costs and Timelines for VMC
- Future of VMC: Including Non-Trademarked Logos
- Frequently Asked Questions about the VMC
What is a Verified Mark Certificate (VMC)?
In the digital era, establishing brand identity and ensuring the legitimacy of communication channels have become pivotal for businesses. One tool that assists in these goals is the Verified Mark Certificate (VMC). This comprehensive guide provides an overview of VMC, its importance in email marketing, the steps to obtain one, and future updates on VMC eligibility. Obtaining your VMC is the holy grail to get finally getting your BIMI record.
A Verified Mark Certificate (VMC) is a digital certificate that verifies the ownership of a logo. Issued by a Certificate Authority, it validates that the organization is the legal owner of the brand logo.
Applying for a VMC
1. Select a Certified Authority (CA):
Verified Mark Certificates (VMC) can be obtained from recognized Certificate Authorities (CA). This certificate is a key that unlocks the ability to display your logo on verified emails and showcases the verified checkmark in email clients that support this feature, such as Gmail.
If you need help deciding which Certificate Authorities to work with, complete our short form here and our team will help you figure out which CA is the best fit for your company.
2. Establish DMARC Enforcement (Explained in Step 1):
Before your logo can be displayed, email clients need assurance that your organization is adhering to Domain-based Message Authentication, Reporting, and Conformance (DMARC) standards. These standards help curb phishing and spoofing attacks, providing your organization with more control over its email communications. Our previous Step 1 guide has all the instructions you will need to set up your DMARC policy.
3. Upload Your Trademarked and Validated Logo:
After demonstrating compliance with DMARC, you're eligible to upload your validated and trademarked logo for display within supporting email clients. If your company uses multiple logos, you can specify which one should appear for each type of communication.
4. Decide on Logo Hosting:
You have the option to either self-host your logo or have the chosen CA manage the hosting for you. Consider your organization's resources and technical capabilities when making this decision. Either way, your logo needs to be easily accessible and retrievable by email clients for the BIMI standard to work effectively.
Understanding the Costs and Timelines for VMC
The process of obtaining a VMC involves both financial and time investments, which can vary depending on the Certificate Authority (CA) you choose and the country in which your organization operates.
- Costs: The price of a VMC is set by the CA you choose. As of 2023, costs can range from several hundred to over a thousand dollars annually. It's important to consult directly with your chosen CA for accurate pricing details. Remember, this is an annual cost that you will need to budget for if you plan on continuing to use BIMI and VMC.
- Timelines: The time it takes to process a VMC application can also vary. Generally, you should expect the process to take between a few days to several weeks. This timeline depends on multiple factors, including the efficiency of your chosen CA, the complexity of verifying your trademark, and the completeness of the information and documents you provide.
- Renewal: VMCs are not perpetual and will need to be renewed periodically. The renewal process is similar to the initial application, although it may be quicker because your information and trademark are already on file with the CA. Be sure to keep track of your VMC's expiration date to avoid any interruption in your logo display.
Understanding these costs and timelines will help you plan and budget for your VMC application effectively. It's recommended to start this process well in advance of when you want your logo to start appearing in your outbound emails.
Future of VMC: Including Non-Trademarked Logos
The Verified Mark Certificate (VMC) landscape is evolving, and one significant anticipated change is the inclusion of non-trademarked logos. Currently, a VMC requires a registered trademark for your logo, validating your organization as the legal owner. This approach strengthens email security and trust, as it makes logo spoofing more difficult for malicious entities.
However, this stipulation may change in the future. The BIMI Group, the entity responsible for developing and maintaining BIMI standards, is considering expanding the eligibility criteria to include logos that are not trademarked. This change will make the VMC and its associated benefits accessible to a wider range of organizations, particularly smaller businesses or nonprofits that may not have registered trademarks.
This potential change is an exciting development in the world of email security and branding. It underscores the ongoing commitment to making email communication more secure and visually engaging, all while maintaining a high level of trust between organizations and their email recipients.
Step 4→ BIMI Records
Official BIMI organization website
To get a more detailed guide on Step 4 - Please consult our dedicated guide on - Step 4 → BIMI Record
Adding your brand logo to your outgoing email
You've made it to the final step! This stage will guide you on how to create your Brand Indicators for Message Identification (BIMI) record, integrate it into your DNS records, and assist you in verifying its functionality. If necessary, we'll also help you troubleshoot any hiccups along the way.
The finish line is in sight! By successfully adding your BIMI record, you'll be able to display your logo in your emails and secure that coveted verified blue Gmail checkmark.
What will be covered in Step 4?
- Understanding BIMI Records
- Creating a BIMI Record
- Adding Your BIMI Record to Your DNS
- Validating Your BIMI Record
- Troubleshooting possible problems
Understanding BIMI Records
Brand Indicators for Message Identification (BIMI) records are a type of Domain-based Message Authentication, Reporting, and Conformance (DMARC) policy. They link a brand's verified logo with their domain. When set up properly, supported email clients will display this logo next to emails from the domain, providing visual authentication.
BIMI records play a pivotal role in email security. They provide a visual check against phishing and email spoofing by displaying your verified logo in the recipient's inbox. This gives instant recognition and trust. BIMI records improve email security and deliverability by showing that your emails are legitimate.
Creating a BIMI Record
Your BIMI record is a string of text that incorporates the URL where your company's Scalable Vector Graphics (SVG) logo is located. To craft your own record, refer to the examples provided in this section.
Creating a BIMI record using an official BIMI record generator:
The BIMI record generator simplifies this process by taking the brand's logo and DNS details and automatically generating a BIMI record, which can then be added to the brand's DNS settings.
https://bimigroup.org/bimi-generator/
Examples and types of BIMI records
In the syntax of BIMI records, it's crucial to distinguish between the number 1, the uppercase 'I', and the lowercase 'l'. They may look alike but are fundamentally different and can change the meaning of your BIMI record.
1. Example of a BIMI Record that includes a VMC:
This record comprises two example URLs which should be replaced with the URLs of your BIMI files:
- The URL where your SVG logo is stored on your public web server.
- The URL for your VMC on your public web server. Note that Gmail requires a VMC to display BIMI logos in Gmail's inbox.
2. Example of a BIMI Record that does not include a VMC:
Remember to replace the example URLs with the precise locations of your files to successfully create and utilize your BIMI records.
Add your BIMI record to your DNS manager
To activate BIMI on your domain, you need to create a DNS TXT record for BIMI through your DNS manager.
If you require assistance with adding a DNS record to your DNS manager, you can contact us for assistance through our contact form. Please note that the process can differ from one provider to another.
To add a DNS TXT BIMI record to your domain, follow these steps
1 - First, log into your domain DNS management console. (example in CloudFlare)
2- Input the required values into the form designated for your domain provider's DNS records:
3- Save the record and verify it is correctly displaying in the DNS Manager:
Validating your BIMI Record
Using this tool, you can ensure that your BIMI record has been correctly added and is properly propagated. Don’t forget that it can take up to 48 hours to fully propagate.
https://bimigroup.org/bimi-generator/
Troubleshooting Common BIMI Record Issues
Logo Not Displaying in Recipient's Inbox
- Possible Causes: The most common causes are incorrect or invalid BIMI record syntax, a BIMI record that isn't correctly connected to your DNS, or SVG files that don't meet the standards or are unreachable.
- Remedial Steps: Review your BIMI record syntax to ensure it matches the format needed. Verify that your SVG file is reachable from the internet and meets BIMI standards. Also, check that your BIMI record is properly linked to your DNS.
Messages From Your Organization Are Sent to Spam
- Potential Reasons: This could occur due to weak or non-existent DMARC policies, an email system that's not properly authenticated, or content within your messages that email clients perceive as spam.
- Ways to Fix the Issue: Strengthen your DMARC policies and ensure SPF and DKIM records are properly set up to authenticate your email system. Also, review the content of your messages to ensure they don't contain elements often associated with spam, such as aggressive promotional language or an excessive number of links.
Need help?
We understand that setting up a BIMI record can be quite intricate and, at times, daunting. If you're encountering difficulties or are simply unsure about certain aspects, don't worry, we're here to help!
We have a team of experts ready to assist you in making this process as smooth as possible. Feel free to fill out our contact form, and we'll get in touch with you for free guidance and troubleshooting.