There are no shortcuts in email authentication and getting it wrong is remarkably easy, so you should always find an experienced consultant or expert to help you along the way. As Brand Indicators for Message Identification (BIMI) becomes more widespread with greater adoption by mailbox providers (MBPs), many marketers are looking for the DMARC set-up A-to-Z, as they are eager to get their logos in the BIMI program at Yahoo and be prepared for Google’s announced support in 2020. Unfortunately, it’s not as simple as 1-2-3.
There are a number of factors that make BIMI hard, and each domain or subdomain you include in the process adds an additional level of difficulty. For example, the DMARC set-up of a single corporate domain with no third-party vendors which only sends email from one host will be rather straightforward. You could likely accomplish a full reject policy in a very short period of time. A mid-level retailer with multiple vendors, however, might take a number of months to execute a full p=reject policy. A Fortune 500 with hundreds of domains and vendors managing the messaging platforms could take significantly longer and should be tackled one piece at a time in order to minimize risks to the business.Simply put, the more vendors your brand is working with, the more people you need to involve, and likely, the more modifications you need to make. Adjusting SPF records, ensuring DKIM support, and pushing for domain alignment as you work with your vendors will require a number of steps, from modifying or adding new subdomains to removing vendors not meeting your support requirements.
Though the process is anything but simple, if you’re looking for a basic checklist to review the overall process, look no further. But remember, some of these steps could take months to accomplish properly and they may not be easy to complete. Though all companies’ implementation plans will travel a similar path, each will experience different challenges and operate on independent timelines.
How to implement DMARC and BIMI for your domains:
- Run an inventory of all of your domains, even those not sending email.
- This will give you an idea of the project scope.
- If you know the active subdomains* used by your organization, record those as well; if not, we will find them later with the DMARC reporting.
*Some providers may be publishing records without your knowledge, making it crucial for you to know and identify all your vendors.
- Inventory all vendors…