Add BIMI support to Mailserver
-
More and more mail clients are supporting BIMI for for digital certifying mails and show logo as proof.
What is BIMI?
Brand Indicators for Message Identification or BIMI (pronounced: Bih-mee) is an emerging email specification that enables the use of brand-controlled logos within supporting email clients. BIMI leverages the work an organization has put into deploying DMARC protection, by bringing brand logos to the customer’s inbox. For the brand’s logo to be displayed, the email must pass DMARC authentication checks, ensuring that the organization’s domain has not been impersonated.With BIMI you can:
Display your logos on your emails.
Control the logos that display with your email messages.
Cultivate immediate brand recognition and enhanced user experience.More information:
https://support.apple.com/en-us/HT213155
https://developer.apple.com/support/bimi
https://bimigroup.org -
I have never heard of this standard before or seen it somewhere out in the wild. Are there some screenshots you might be able to share so I can get a better understand what this is for?
-
I have never heard of this standard before or seen it somewhere out in the wild. Are there some screenshots you might be able to share so I can get a better understand what this is for?
@jayonrails there's a screenshot at https://github.com/roundcube/roundcubemail/issues/8143
-
I have never heard of this standard before or seen it somewhere out in the wild. Are there some screenshots you might be able to share so I can get a better understand what this is for?
@jayonrails
In Apple Mail on iOS :
-
I think so. You can see instruction on how to setup the record here - https://learn.microsoft.com/en-us/dynamics365/marketing/bimi-support
Setup a TXT record
default._bimi.<domain>with valuev=BIMI1; l=https://domain.com/logo.svg. SVG has to be less than 32 kilobytes. -
Will small, family owned businesses also have access to this branding feature or does big tech have a monopoly on it?
-
-
@imc67 thanks for the link. I knew there’s a “gotcha” somewhere (step 3). No small business will be paying that much for acquiring a VMC and that’s one more obstacle tipping in the favor of big tech. It might be optional but I’m sure big tech will find way to exploit it.
-
I just followed and implemented all the steps (except VMC).
The BIMI audit report shows everything GREEN but also:
Note: While your BIMI record is compliant, it doesn't include a Verified Mark Certificate that may be required by some mailbox providers.The result when sending an email from Cloudron to an iCloud email address is that BIMI is in the headers but not shown because of:
Authentication-Results: bimi.icloud.com; bimi=skipped reason="missing evidence"When sending from Cloudron to Cloudron (other domain) there is nothing in the headers and thus not shown. I guess because the Cloudron mailserver can't handle it?
-
@imc67 thanks for the link. I knew there’s a “gotcha” somewhere (step 3). No small business will be paying that much for acquiring a VMC and that’s one more obstacle tipping in the favor of big tech. It might be optional but I’m sure big tech will find way to exploit it.
@humptydumpty said in Add BIMI support to Mailserver:
paying that much
wow indeed, its 1200 to 1400 $ a year!!
Hope Let's Encrypt also jumps into this!
-
@humptydumpty said in Add BIMI support to Mailserver:
paying that much
wow indeed, its 1200 to 1400 $ a year!!
Hope Let's Encrypt also jumps into this!
-
I just followed and implemented all the steps (except VMC).
The BIMI audit report shows everything GREEN but also:
Note: While your BIMI record is compliant, it doesn't include a Verified Mark Certificate that may be required by some mailbox providers.The result when sending an email from Cloudron to an iCloud email address is that BIMI is in the headers but not shown because of:
Authentication-Results: bimi.icloud.com; bimi=skipped reason="missing evidence"When sending from Cloudron to Cloudron (other domain) there is nothing in the headers and thus not shown. I guess because the Cloudron mailserver can't handle it?
@imc67 said in Add BIMI support to Mailserver:
When sending from Cloudron to Cloudron (other domain) there is nothing in the headers and thus not shown. I guess because the Cloudron mailserver can't handle it?
Yes, there is no BIMI checks on the server side. Even if it's there not sure if it's useful since no client I am aware of supports it.
-
While BIMI seems a good idea, the whole Verified Mark Certificate (VMC) is ridiculous. It seems pretty much designed for big tech
Like who will pay 1500 bucks a year for this?For future reference, if anyone wants to shell out 1500
, the DNS has to look like this:default._bimi.domain.com TXT v=BIMI1; l=https://domain.com/logo.svg; a=https://domain.com/verified-mark-certificate.pem -
While BIMI seems a good idea, the whole Verified Mark Certificate (VMC) is ridiculous. It seems pretty much designed for big tech
Like who will pay 1500 bucks a year for this?For future reference, if anyone wants to shell out 1500
, the DNS has to look like this:default._bimi.domain.com TXT v=BIMI1; l=https://domain.com/logo.svg; a=https://domain.com/verified-mark-certificate.pem
