Back to Validator

Help Topics

Quick Actions

→ Back to Validator

How to Publish a BIMI DNS TXT Record

Publishing a BIMI DNS TXT record is the final step in setting up BIMI for your domain. This guide will walk you through the process of creating and publishing your BIMI record correctly.

⚠️ Prerequisites

Before publishing a BIMI record, ensure you have:

  • ✅ DMARC policy set to p=quarantine or p=reject
  • ✅ A BIMI-compliant SVG logo hosted on HTTPS
  • ✅ (Optional) A Verified Mark Certificate (VMC) for Gmail support
  • ✅ Access to your domain's DNS management

📝 BIMI Record Format

Basic BIMI record (logo only):

v=BIMI1; l=https://example.com/logo.svg;

BIMI record with VMC (for Gmail checkmark):

v=BIMI1; l=https://example.com/logo.svg; a=https://example.com/vmc.pem;

Record Components:

v=BIMI1
Version tag (required). Always use "BIMI1"
l=<URL>
Logo location (required). Must be HTTPS URL to SVG Tiny PS file
a=<URL>
Authority evidence location (optional). HTTPS URL to VMC PEM file

🚀 Step-by-Step Publishing Guide

Step 1: Prepare Your Assets

  • • Upload your SVG logo to a secure HTTPS server
  • • If using VMC, upload the PEM certificate file
  • • Ensure both URLs are publicly accessible
  • • Test URLs in a browser to confirm they load

Step 2: Create the DNS Record

The BIMI record must be published at:

default._bimi.yourdomain.com

This is a TXT record type.

Step 3: Add Record in DNS Provider

Common DNS provider instructions:

For most DNS providers:

  1. Log into your DNS management console
  2. Navigate to DNS records or Zone file
  3. Add new TXT record
  4. Set hostname/name to: default._bimi
  5. Set value to your BIMI record string
  6. Save changes

Example for common providers:

GoDaddy:
Type: TXT, Host: default._bimi, Value: [your BIMI record]
Cloudflare:
Type: TXT, Name: default._bimi, Content: [your BIMI record]
Route 53:
Type: TXT, Name: default._bimi, Value: "[your BIMI record]"

Step 4: Verify Your Record

After publishing (DNS propagation can take 1-48 hours):

  1. Use our BIMI Validator to check your record
  2. Or use command line: dig TXT default._bimi.yourdomain.com
  3. Verify all components load correctly
  4. Check for any validation errors

⚠️ Common Issues and Solutions

Record Not Found

  • • Check DNS propagation (can take up to 48 hours)
  • • Verify record name is exactly default._bimi
  • • Ensure it's a TXT record type

Invalid Syntax

  • • Check for missing semicolons
  • • Ensure URLs are quoted if they contain special characters
  • • Verify v=BIMI1 is present

Logo Not Loading

  • • Verify HTTPS (not HTTP) is used
  • • Check SSL certificate is valid
  • • Ensure no authentication required to access file
  • • Confirm correct MIME type (image/svg+xml)

✨ Best Practices

DO:

  • ✓ Use HTTPS for all URLs
  • ✓ Keep logo file under 32KB
  • ✓ Use a CDN for better performance
  • ✓ Monitor DMARC reports
  • ✓ Test thoroughly before going live

DON'T:

  • ✗ Use HTTP URLs
  • ✗ Require authentication for files
  • ✗ Use redirects for logo/VMC URLs
  • ✗ Forget the trailing semicolon
  • ✗ Use spaces in URLs

🎯 Next Steps

  1. 1. Validate your BIMI record using our BIMI Validator
  2. 2. Send test emails to Gmail/Yahoo to verify logo display
  3. 3. Monitor email authentication reports
  4. 4. Consider adding a Verified Mark Certificate for Gmail support