Tag Archives: Email Delivery

The SPF Struggle is real – What happened at reddit?

We’ve talked about SPF Limits and SPF Flattening in the past. There is simply too much demand to get into the SPF record. Whether it’s adding a new sender or an existing sender updating and include, senders sometimes necessarily and sometimes lazily add too many lookups into your SPF record. In fact, one well-known CRM goes so far as to write dynamic macros in their SPF record to avoid hitting the 10 include limit.

What is the issue?

Currently, reddit has published an SPF record with too many includes, meaning that during email delivery, the last includes to be checked are dropped. This could leave one or more of reddit’s legitimate senders appearing to be spam or phishing because email from these senders will fail SPF Authentication.

In addition, reddit is running a DMARC policy of “reject”. While it is up to the individual Inbox Provider, a DMARC reject policy instructs the recipient systems to reject email that is not DMARC compliant, which means trashing any email that fails SPF Authentication. Essentially, there is an unknown amount of email from reddit that cannot be delivered, potentially affecting accounts, customers, purchases, etc.

What can they do?

There are several ways to get your SPF record below the 10 lookup threshold:

  • Manual or Automatic SPF Flattening as discussed in our blog.
  • Reducing the number of senders.
  • Splitting email sending across multiple domains or subdomains with separate SPF records.

All of these options have pros and cons. Many senders do not want to lose the cache of their primary domain, some cannot consolidate vendors to reduce SPF complexity, and some SPF records cannot be easily manually flattened. Even if you get below the threshold today, vendors may add new includes to their SPF records tomorrow pushing you over the threshold again.

What’s going to happen?

With a proper DMARC reporting and management system, like MxToolbox Delivery Center, they should already be seeing SPF failures and working to fix their SPF record. In the short-term, reddit will see some of their email bounce, in the long-term, this could cause their domain to have serious reputation issues.

How can MxToolbox help?

You first need to know if you have a problem before solving it.  MxToolbox offers a Free SPF Lookup Tool where you can check your real-time SPF configuration for errors, including the risk of “Too Many Includes”.  We also have a suite of Email Delivery tools to help you manage DMARC, SPF and DKIM and get your email to the Inbox.

It’s Time for BIMI

For the last few years, we’ve been on the fence about when it would be time to implement BIMI. Often, it seemed like the ability to adopt BIMI would only be there for large companies with substantial email marketing budgets. However, support for both Common Mark Certificates as well as Verified Mark Certificates makes BIMI much more accessible for small and medium businesses. We now think BIMI is ready for everyone!

What is BIMI?

BIMI is a DNS technology that allows you to define a logo to appear next to your email subject lines or next to your messages in major Inbox Providers’ web-based, computer and mobile clients. Essentially, your mail will be branded with your logo giving you more exposure and potentially creating an edge over your competitors.

An example of the MxToolbox Logo displayed next to our email in Google’s web client.

Note: BIMI is different from simply being a GSuite-using company in that your BIMI logo will appear at Yahoo!, Le Post and many other web-based, computer and mobile email clients, not just the Google Inbox.*

How do you adopt BIMI?

To be BIMI compatible, you need to have your email configuration setup properly. Inbox Providers need a level of trust before they will include your logo as it appears to be an endorsement of sorts for your brand.

  • You must adopt DMARC, DKIM and SPF
  • Your email must be DMARC compliant
  • Your DMARC policy must be at 100% Reject
  • Your BIMI record must be setup correctly with a properly formatted SVG file
  • You must have a Common Mark Certificate or Verified Mark Certificate for your logo

How does MxToolbox help?

MxToolbox recently released a comprehensive answer to the issues of BIMI setup, management and maintenance. MxToolbox Delivery Center provides everything you need to:

  • Setup SPF, DKIM and DMARC for your Domain
  • Carefully migrate to a DMARC Reject policy
  • Setup your BIMI record
  • Verify compatibility of your SVG image
  • Monitor your certificates for expiration
  • Manage the on-going changes to the BIMI standard

Learn more on our BIMI feature page.

*A previous version of this blog included Microsoft Outlook.com. At this time, Outlook.com does not support BIMI.

The Double-Edge Sword of Generative AI and Email

For most people doing creative marketing work, Generative AI can be a huge asset. You can write white papers, create tag lines for ads, and develop new email campaigns quickly and easily. But, there are downsides to all of this productivity…

Losing your voice

Your voice, your brand, your identity. Losing this is easy if you are not careful how you deploy generative AI. Generative AI has its own voice, so you need to apply your brand to it before deploying the content it generates. Make sure it uses your verbiage, your terms and reflects your brand. If you don’t, you risk blurring into the background noise from all the other brands deploying generative AI in their campaigns. While Google, Yahoo! and Outlook.com have not disclosed policies or filters looking for generative AI, they are at the forefront of the technology, so you can be sure they are!

Going All -In

It may seem like a good idea to ramp up your outreach programs, especially email, now that you have a virtually unlimited source of content. Unfortunately, that can make your email delivery worse. Higher volumes of email can trigger greater scrutiny at Inbox Providers like Google, Yahoo! and Outlook.com, which could make it more difficult to make the Inbox. Further, you could induce email fatigue in your recipients. Fatigued users are:

  • Less likely to open your emails
  • More likely to mark them as Spam
  • More likely to Unsubscribe

Rather than increasing the quantity of your interactions, you should be looking to increase the quality: Better content yields better results.

Generative AI Phishing

If you can use Generative AI to create content for your legitimate business, rest assured that spammers, scammers and fraudsters are already fully embracing the ability to generate huge quantities of malicious content. This means that it is even more important to educate your teams about phishing scams and improve your email security.

In addition, it is now more important to protect your brand from being used in phishing attacks by adopting a DMARC Reject policy. Adopting DMARC and setting your DMARC policy to Reject will tell Inbox Providers to trash any email that appears to come from your domain that is not DMARC compliant. This makes it harder for phishing scammers to send email that appears to come from your domain. DMARC reject policies also enable you to adopt BIMI, which will get your brand logo into the Inbox alongside your email.

How MxToolbox Helps

MxToolbox is the expert in email delivery and email technologies. Our suite of email tools, Delivery Center, provides you with everything you need to:

  • Adopt DMARC
  • Get DMARC to a Reject policy
  • Adopt BIMI
  • Measure Inbox Placement
  • Manage the on-going maintenance of adopting new email technologies
  • Notify you of issues while they’re occurring to enable quick resolution and damage control

If this sounds complicated, MxToolbox also offers Managed Services team that can help you setup DMARC, DKIM, SPF, BIMI and get your domain aligned with Google, Yahoo! and Outlook.com bulk sender policies.

Domain Reputation – Google’s Hidden Blocklist

Inbox Providers like Google, Yahoo! and Outlook.com are constantly evolving new ways to ensure that the email making their inboxes is safe, timely and relevant to their users. At their disposal are multiple layers of email technology protection:

  • TLS Encryption for connection
  • Blacklists (both internal and external)
  • DMARC Compliance (SPF Authentication, SPF Alignment, DKIM Alignment)
  • Spam Content Scoring Rules
  • Bulk Sender Spam Reporting Rules
  • Individual Spam/Junk Rules

In past blogs, we’ve discussed each of these layers, including Google’s Content Reputation checks. Today, we’ll discuss what we know about Google’s proprietary blocklists.

Blocklists come in two forms:

  1. A list of IP addresses that have sent spam or dangerous emails or should not be sending email at all.
  2. A list of Domains that have been used in fraud, phishing or spam emails.

Google employs both types of blocklist to limit the risk of spam email making their Inboxes. But, how does Google determine what IP addresses and domains to block?

Google’s Blocklist Logic

Traditional blocklists use a variety of methods to determine what IP addresses or Domains are threatening. Often these include networks of spam traps, honey pots and feedback from inbox owners. Google appears to leverage both commercially available IP blocklists and their own proprietary logic. Staying off a commercial blocklist is therefore the first step in making the Google inbox.

Google has access to more inbox data than any other Inbox Provider. They can leverage Customer Sentiment and Behavior to create an aggregate picture of incoming email from an IP address or domain. This works in a few ways:

  • Email from IP addresses that were marked as spam gives that IP address a negative reputation. Google tracks the ratio of those emails received to those marked as spam. Over a certain threshold, this sentiment causes the IP address to be blocklisted for all senders from that IP.
  • Email domains are similarly tracked across all inboxes. Over a certain threshold of users marketing the email as spam, all email from that domain will be marked as spam.
  • Email containing content that is similar to content from blocklisted IP addresses or domains is automatically placed in the spam folder.
  • Email domains with a persistent poor reputation maybe placed on a complete blocklist and fail delivery entirely.

How can you stay off Google’s Blocklists?

Staying off of Google’s Blocklists is similar to staying off any blacklist, with a few additional considerations:

  1. Maintain good email list hygiene. Remove old and unreactive email addresses to reduce the risk of being marked as spam.
  2. Use an email marketing service that spreads your sent email over multiple dedicated IP addresses for marketing campaigns. This reduces the risk of IP blacklisting.
  3. Do not use purchased email lists. These may contain aged, or spam trap inboxes or inboxes that have been filled. In addition, purchased lists are very low quality, increasing the risk that your email will be marked as spam and blacklisted.
  4. Use separate domains or subdomains for marketing, transactional and person-to-person email. This reduces the risk of your business email becoming blacklisted by a bad marketing campaign.
  5. Reduce the frequency of your marketing campaigns. Recipients are more likely to mark email as spam if they feel overwhelmed.

How do you recover your reputation?

If you have landed on Google’s Domain Blocklist, you have a difficult time ahead. All email may be completely refused or immediately sent to the Spam folder. Recovery takes time and patience. If you haven’t already, take the time to go through the steps listed above. Within a few weeks, you should see acceptance rates and open rates improve. If not, you have a more serious issue, Google has permanently blocked your Domain. Your only recourse may be to create a new domain from which to send email.

How does MxToolbox help?

MxToolbox Delivery Center provides the email delivery management and monitoring that you need to keep your messages flowing.

  • Monitor DMARC compliance rates across all senders
  • Closely monitor your Gmail Spam rate.
  • Check your email for 1-Click Unsubscribe, a requirement of Google and Yahoo! bulk sender rules
  • Analyze your campaigns for other potential reasons to miss the inbox with Inbox Placement 
  • Notify you of issues while they’re occurring to enable quick resolution and damage control

If this sounds complicated, MxToolbox also offers Managed Services team that can help you setup DMARC, DKIM, SPF, BIMI and get your domain aligned with Google’s bulk sender policies.

Why Blocklist is really the correct term

For decades, the industry has used the term “blacklist” to refer to IP addresses that have sent spam or domain names included in spammy email, but that’s not really what these lists are. Aside from other issues with the term “Blacklist” (ahem, thank you James Spader) it really is not the most appropriate. Let’s examine the real definitions for email:

Blocklist/Blacklist

A list of IP addresses or domains that should not be trusted because the IP address has sent email to a spam trap, sent email repeatedly marked as spam or may be misconfigured in such a way to encourage spam or other nefarious activity. Domains listed have been included in spam emails or are known to host malware.

Note: MxToolbox is not a blacklist/blocklist. We are not blocking your email, but curate a list of blocklists to provide information about who has listed your IP address or domain as problematic. In some cases, we can help you get delisted, but, in general, you’ll need to work with the blocklist to be removed. There are details on how to be delisted on the Problem Details page for each blocklist. As always, DO NOT PAY to be delisted.

Allow-list/Whitelist

A list of IP addresses that are highly trusted. This is usually used for VPNs, internal traffic, etc. where that IP address should always be allowed.

Note: When dealing with Blocklists, do not ask to be “Whitelisted” as you are not completely trusted. Ask to be “Delisted” and be prepared to prove that you have fixed the issue that caused your IP to be listed.

De-list/Greylist

If you are not 100% trusted, or not mistrusted by being blocklisted, then you are unlisted, or as some would say, “greylisted”. In reality, no company is going to go through the exercise of listing every single IP address that is not Blocklisted or Allowed, so those IP’s are simply unlisted, but still not 100% trusted. Typically, email from an unlisted IP goes through a multi-step process to determine if the email should be allowed in the inbox.

MxToolbox Aids Email Delivery

Focus on the basics of Email Delivery: Technologies like SPF, DKIM and DMARC, and Best Practices in email list management and content relevance. Once your DMARC configuration is really set, then issues like blacklisting are actually more rare and less damaging to your email delivery. Get started today with MxToolbox Delivery Center to get to the Inbox.

Email Definitions: Bulk vs Transactional

In an effort to weed out spam and make email more relevant, Google and Yahoo! have recently made changes to their Bulk sender requirements that affect all legitimate email senders. But, what are the definitions of “Bulk” sender and “Bulk” email and how does that affect your email mix?

The Effect

Google and Yahoo! will now require bulk email from bulk senders to pass will SPFDKIM, and DMARC compliance checks to be considered for delivery and provide a 1-Click Unsubscribe button. Failure to meet these requirements will result in short-term warnings, medium-term placement in Bulk or Junk folders and long-term email rejection. Normal business correspondence, Transactional Emails and senders who do not meet “Bulk Sender” status are exempt from the requirements.

What is Transactional Email?

A transactional email is any email sent with to a single user or account for a single purpose, typically in response to that user’s actions or interactions with the sender and typically with user or account specific content. Good examples of transactional emails are:

  • Account Creation Acknowledgements
  • Account Update Notifications
  • Login/2-factor Notifications
  • Password Changes
  • Order Acknowledgement
  • Invoices or Order Summaries
  • Shipment Notifications
  • Usage Summaries
  • Billing or Credit Card Issues (failure, update necessary, etc.)
  • Account Termination
  • Reminders

What is Bulk Email?

Bulk email is any email that is sent in large quantities or with marketing content. Examples of bulk email include:

  • Newsletters
  • Limited-time Offers
  • Sales/discounts Campaigns
  • Event Announcements 
  • Vouchers, Coupons and Giveaways
  • Transactional Emails with any of the above content

That last one is the kicker. Any transactional email that contains marketing content could count as a bulk email. If you are layering your marketing content into transactional email, you should stop now.

What is a Bulk Sender?

The definition of a Bulk Sender requires sending bulk email but also varies across Inbox Providers. We’ll use the parameters that are the most conservative. The important thing to know: Once you’re labeled a bulk sender, you are forever a bulk sender. Therefore, it’s important to use email best practices when sending messages.

Email Volume

You could be classified as a bulk sender for sending any email to more than one person. While Google requires a single 24-hour period volume of at least 5000 emails to be classified as a Bulk Sender, Yahoo! has refused to define a volume limit. MxToolbox therefore recommends adhering to the bulk sender limits if you send any bulk/marketing email.

Emailing Domain

Email counts are by primary emailing domain. This means that all subdomains are included. So, emails from example.com, and email.example.com and marketing.example.com are all included in the message count.

Email Content

Email volume limits only look at Bulk Email. But that definition is based upon content. Again, most importantly, remove marketing content from transactional email to ensure that it is not classified as bulk.

How Can MxToolbox Help?

Tools like MxToolbox Delivery Center provide deep insight into your DMARC, SPF and DKIM configurations allowing you to meet basic requirements for Bulk Senders. In addition, our Inbox Placement feature will tell you if your campaigns are being sent to the Spam/Junk folders or actually making it to inboxes, as well as which Inbox Provider(s) you are having trouble sending to.

MxToolbox is the Expert on email delivery. We offer a wide range of email delivery services, including a fully managed email delivery service, so be proactive now and take advantage of them before these Bulk Sender guidelines affect your email.

Think that you’re on Google’s Blacklist?

Unfortunately, it’s more complicated than that… 

Blacklists have been losing relevance

Blacklists have been a first line of defense against malicious emails since the dawn of the Internet. Every marketer knows that if their sending IP addresses are on a blacklist, their messages are going to be denied. Most email marketers long ago moved to 3rd party senders with large blocks of IP addresses to limit the risk. If legitimate senders can easily change IP addresses, so will spammers, somewhat limiting the long-term value of an IP-based blacklist. Google, Yahoo! and other Inbox Providers know this and have been developing alternative technologies for years.

Blacklists are only the first layer of protection

Blacklists are still relevant for blocking large networks of bad actors and increasing the difficulty of sending spam, however, Inbox Providers like Google and Yahoo! have long taken a layered approach to Inbox Placement. Rather than relying on a simple binary approach with a Blacklist, Inbox Providers use:

  • TLS Encryption for connection
  • Blacklists (both internal and external)
  • DMARC Compliance (SPF Authentication, SPF Alignment, DKIM Alignment)
  • Spam Content Scoring Rules
  • Bulk Sender Spam Reporting Rules
  • Individual Spam/Junk Rules

If you are a legitimate sender of emails, more than likely, you are not on Google’s Blacklist. More likely, your email is being filtered by these other layers of their inbox protection.

Google is making changes to Bulk Sender Rules

Both Google and Yahoo! have announced changes to their Bulk Sender policies for 2024. Bulk Senders are any senders with more than 5000 emails per day. These senders will now be required to:

  • Maintain SPF, DKIM and DMARC Compliance
  • Have a 1-Click unsubscribe link on every email
  • Maintain a rate of messages marked as Spam less than 0.3% (or 1 in 333 message marked as spam

While Google and Yahoo! represent a large portion of hosted Inboxes, other Inbox Providers will keeping a close eye on these changes. Expect similar conditions for accessing Office365/Outlook.com and other major Inbox Providers in the near future. In addition, we expect that Google and Yahoo! may revisit and strengthen the volume and spam rate requirements.

How Can MxToolbox Help?

To maintain access to the Google Inbox, you need tools like MxToolbox Delivery Center. Our suite of email delivery tools helps your sending domain achieve the best possible email delivery rates, including issues with SPF, DKIM and DMARC. More importantly, our Inbox Placement feature will tell you if your campaigns are being sent to the Spam/Junk folders or actually making it to inboxes, as well as which Inbox Provider(s) you are having trouble sending to.

MxToolbox is the Expert on email delivery. We offer a wide range of email delivery services, including a fully managed email delivery service, so be proactive now and take advantage of them before these new 2024 guidelines are applied to your outgoing newsletters and marketing campaigns.

Google expands support for BIMI: Is it time to dive in?

Google recently rolled out additional support for BIMI through their Gmail.com webmail application and mobile apps.  Since Google is one of the largest Inbox Providers in the world, this should be an exciting step forward for BIMI and for Marketers wanting to reach potential customers.  (For more information on BIMI, click here.)

Google’s Implementation

On Gmail.com and Google mobile applications, users will see a checkmark and BIMI logo next to an opened email as in the image below.  In addition, Google mobile applications will display the logo next to the sender in the Inbox view by the subject line.  BIMI logos should lead to an uptick in Open Rates and Click-through Rates because of additional confidence in the “certified” origins of these emails.

In order to have your logo displayed, Google requires you to:

  1. Setup SPF, DKIM and DMARC
  2. Have a DMARC Policy set to 100% Reject for email failing DMARC
  3. Generate and post a correct BIMI logo
  4. Have a Verified Mark Certificate (VMC)

The first two steps will dramatically improve a sender’s email delivery and email reputation.  Adopting DMARC gives Inbox Providers more assurance that your email is legitimate and not spam, while a strict DMARC policy prevents your email domain from being used in phishing and fraud attacks.  A VMC is designed to protect both Google and your brand by certifying the owner of the logo and domain.  Unfortunately, a VMC costs roughly $1100-$1500 annually per Email Sending Domain, which makes it expensive for many small businesses.

What other Inbox Providers support BIMI?

The BIMI working group has a list of all current Inbox Providers that support BIMI.  The good news is that big, global Inbox Providers like Apple, Yahoo!, and now, Google support BIMI as do several smaller or local providers like Fastmail and LaPoste.  This list appears to be growing.

Unfortunately, consistent logo display is an issue.  Many Inbox Providers only have partial support for BIMI or support different rules for displaying BIMI logos online vs via mobile applications.  In addition, many providers do not support BIMI logos in the Inbox view, where most people make the decision on whether or not to open the email.  This reduces the impact to Open Rates and subsequent downstream effects, like Click-through rates and Sales.  

MxToolbox Expert Take

Increased support for BIMI is a great sign for the technology.  After over four years of moving glacially forward, we’re hopeful that this will increase the pace of BIMI adoption.  To a Marketer, the idea of having your logo proudly displayed next to your verified email in the Inbox both increases the chance of the recipient opening the email and improves the reputation of the brand. 

There are Drawbacks

However, the current level of support does not entirely live up to that promise: few Inbox Providers display the logo in the Inbox where Open Rates will be affected. In addition, the extra expense associated with a Verified Mark Certificate might be considered burdensome for many small businesses, leaving gains to the larger businesses and brands.  While the extra security from a VMC is like that of an SSL certificate for ecommerce, the additional value BIMI provides may not be there for every brand yet.  

There are Alternatives

Finally, both Google and Microsoft already have other ways to display user images or logos in the message view of an individual email.  If the sender is a Google Workspace user, their preferred image will be displayed in the same spot as the BIMI logo.  Microsoft offers Microsoft Business Profile program to create a unique identifier card. Office Web Apps in Office 365 and Outlook.com use the verified icon provided to Microsoft when a company joins the program.  A savvy marketer might be able to get much of the BIMI effect from these alternatives.

MxToolbox Recommendation

Focus on the basics of Email Delivery: Technologies like SPF, DKIM and DMARC, and Best Practices in email list management and content relevance. Once your DMARC configuration is really set, then think about icing the cake with BIMI.  To get started with BIMI, check out our Knowledge Base and free BIMI Lookup tool.

Adopting DMARC and getting DMARC to a strict policy is imperative for good email delivery and adopting BIMI. Get started today with MxToolbox Delivery Center.

Do you know what you don’t know about your email?

As a marketer, I typically know if a prospect opens my email, clicks on a link or buys a product.  All 3rd party email marketing tools provide this information.  But, what happened before the Open?  

Did the email make it to the Inbox?  

Did it get delivered to the Spam or Junk folder?

Does my language, text, grammar or content seem spammy?

Did my email configuration affect my open rates?  

Are my 3rd party senders blacklisted or otherwise hurting me?

Are my prospects complaining about me to their Inbox Providers?

There are many layers protecting inboxes from spam and undesired email. Your business needs a strategy to ensure that your email passes through each layer to reach the recipient.   Your open rates will thank you. 

What can you measure?

Actually, with the right tools, you can get answers to all these questions.  Inbox Providers like Google, Yahoo!, and Office365 wants their inboxes to show relevant email so they provide data via DMARC Reports and Feedback Loops to help legitimate businesses.  Neglecting these key resources is equivalent to driving in traffic without a GPS: you don’t know what traffic incidents or twists and turns are waiting for you.

How does MxToolbox Help?

Inbox Placement

Will your email make the Inbox, Junk folder, Spam folder or fail to get delivered?

Inbox Placement allows you to test prospective campaigns with the most common Inbox Providers – Google, Yahoo! and Office365.com.  We’ll tell you if the email is delivered and to what folder.  We’ll even analyze the contents of your email to give you MxTips(™) to improve your inbox placement.  Some simple tweaks to verbiage or construction can often improve Inbox Placement tremendously.  

DMARC Reporting

Is your email configuration affecting your email delivery?  Are all your emails SPF, DKIM and DMARC compliant?  

To optimize your email delivery, and get your message heard, you need to constantly analyze and manage your email configuration.  Inbox Providers will send out DMARC digests giving you data on your SPF, DKIM and DMARC pass rates.  With this data, you can determine if you have senders missing from your SPF records, DKIM issues, or potential risks from fraud and spoofing.  MxToolbox Delivery Center gives you all the tools you need to take DMARC data and turn it into actionable email delivery insight.

Feedback Loops

Did a recipient complain about receiving your email to their Inbox Provider?  Did the recipient mark it as unsubscribed with the Inbox Provider?  Was the email address invalid or shut down?

Many Inbox Providers offer feedback loops or complaint mechanisms to validated emailers.  Once configured, you can get information on email addresses and campaigns and how recipients view your emails.  Analyze your recipient complaints, remove complainers, unsubscribers, and closed email boxes to massively improve your email delivery. MxToolbox Delivery Center allows you to configure and aggregate complaints across Inbox Providers to get insight into how your campaigns are perceived by recipients.

Adaptive Blacklist Monitoring

Are your 3rd party ESPs blacklisted and harming your email delivery?

Due to the nature of their business, 3rd party emailers will always have a few IP addresses blacklisted and it is probable that some portion of your email will be sent from a blacklisted IP address.  This only becomes an issue when a significant amount of your email from that provider is sent from blacklisted IP addresses.  MxToolbox Delivery Center included Adaptive Blacklist monitoring to detect, via DMARC, the IP addresses being used to send your email and analyze the blacklist status of the IP when the email was sent.  You’ll know if your 3rd party ESP is helping or harming your email delivery.  

Is BIMI Dead?

When Google, Yahoo and Apple announced their email applications would support BIMI, it appeared that BIMI was ready to become an important standard in email marketing. Think about it: Your precious logo directly attached to every email you send, right there in the subject line. You get instant brand recognition and, thanks to the DMARC requirement, trust.

But, BIMI adoption is hitting some serious speed bumps…

What’s going wrong?

BIMI has two major technical issues and one misconception contributing to slow adoption by businesses. Let’s start with the misconception.

BIMI Requires Strict DMARC policies

In order for an email to even be considered for BIMI, the sending domain must have implemented DMARC, must send DMARC compliant email and must configure their DMARC policy to 100% Reject or Quarantine. The major misconception we hear from our customers is: “Strict policies might stop some legitimate email from getting to the recipient”.

There is some truth to this, so, let’s break it down:

  • Email that is not DMARC compliant is inherently assumed to be suspect by the Inbox Provider.
  • Email that is DMARC compliant has a higher trust level.
  • Strict DMARC Policies instruct the Inbox Provider to stop non-compliant email.
  • Inbox Providers may choose to ignore or accept DMARC policies, but most incorporate them into their inbox placement algorithms.

Regardless of your DMARC policy, non-compliant email will be suspect, however, with a stricter policy ALL your compliant email will have a higher trust level. Going to a strict DMARC policy is better for your email delivery. You can fix a temporary compliance issue, earning trust is hard.

MxToolbox Delivery Center was designed to help keep all of your legitimate email DMARC compliant and quickly alert you to areas of non-compliance to keep your email deliverability at the highest level.

Getting a BIMI-Compliant Logo can be Difficult

The BIMI standard requires a square logo that reflects the brand of the domain, formatted in SVG, that meets very specific requirements and often requires “a few manual tweaks”. For most of our clients attempting to adopt BIMI, MxToolbox has found that getting a BIMI-compliant logo to be time-consuming and difficult. Until this process is simpler, companies will struggle to adopt BIMI.

Most BIMI Inbox Providers Require a Certificate

The BIMI Group originally made BIMI completely open on the assumption that achieving DMARC-compliance with strict policies was sufficiently difficult to prevent spoofing. However, spammers and fraudsters are quite savvy and capable of adapting quickly. For example, grab a BIMI logo from a legitimate company like Bank of America, setup a fake domain like BanofAmerica.net with SPF, DKIM, DMARC and BIMI and start spamming. It looks legitimate enough to fool the average spamming target and leverages a known brand’s legitimate logo.

To combat this potential loophole, BIMI Inbox Providers are requiring an evidence document called a Verified Mark Certificate (VMC) issued by a 3rd-party authority like DigiCert or Entrust Datacard. These authorities investigate your domain and issue a credential that certifies your DMARC and BIMI setup and issues a certification specific to your domain. This is similar to having a Secure Certificate for SSL/HTTPS.

The speed bump for BIMI adoption is that there are only two VMC issuers at present and the cost is $1100-$1500 per year, per domain. While this is negligible for big, well-known brands, smaller companies or companies with multiple domains may be priced out of the market further reducing the potential of BIMI.

The MxToolbox Expert Take

BIMI has become a bit of a moving target that makes it difficult to recommend at present. While our team of experts stands by to help you adopt SPF, DKIM, DMARC and BIMI, we no longer see BIMI as being essential or urgent until the standard stabilizes and/or the costs decrease.

Adopting DMARC and getting DMARC to a strict policy is imperative for good email delivery and adopting BIMI. Get started today with MxToolbox Delivery Center