Gmail to Start Testing Brand Logo Validation System for Emails
Google this week announced several new security features for its G Suite services, and the most notable for Gmail users is a pilot of an email specification that allows brand logos to display within authenticated emails.
Brand Indications for Message Identification (BIMI) is developed by the AuthIndicators Working Group, and requires emails to pass Google's anti-abuse validation, after which it brands the incoming message with a logo of the company that sent it.
Our BIMI pilot will enable organizations, who authenticate their emails using DMARC, to validate ownership of their corporate logos and securely transmit them to Google. Once these authenticated emails pass all of our other anti-abuse checks, Gmail will start displaying the logo in existing avatar slots in the Gmail UI.
By authenticating messages using the existing DMARC system and requiring strong authentication, the spec aims to give users and email security systems increased confidence in the source of emails while creating a trusted brand presence.
Google says it will be starting the BIMI pilot in the coming weeks with a limited number of senders. To learn more about BIMI, you can visit the working group's website.
Popular Stories
Game emulator apps have come and gone since Apple announced App Store support for them on April 5, but now popular game emulator Delta from developer Riley Testut is available for download. Testut is known as the developer behind GBA4iOS, an open-source emulator that was available for a brief time more than a decade ago. GBA4iOS led to Delta, an emulator that has been available outside of...
The first approved Nintendo Entertainment System (NES) emulator for the iPhone and iPad was made available on the App Store today following Apple's rule change. The emulator is called Bimmy, and it was developed by Tom Salvo. On the App Store, Bimmy is described as a tool for testing and playing public domain/"homebrew" games created for the NES, but the app allows you to load ROMs for any...
Last September, Apple's iPhone 15 Pro models debuted with a new customizable Action button, offering faster access to a handful of functions, as well as the ability to assign Shortcuts. Apple is poised to include the feature on all upcoming iPhone 16 models, so we asked iPhone 15 Pro users what their experience has been with the additional button so far. The Action button replaces the switch ...
A decade ago, developer Riley Testut released the GBA4iOS emulator for iOS, and since it was against the rules at the time, Apple put a stop to downloads. Emulators have been a violation of the App Store rules for years, but that changed on April 5 when Apple suddenly reversed course and said that it was allowing retro game emulators on the App Store. Subscribe to the MacRumors YouTube channel ...
iOS 18 is expected to be the "biggest" update in the iPhone's history. Below, we recap rumored features and changes for the iPhone. iOS 18 is rumored to include new generative AI features for Siri and many apps, and Apple plans to add RCS support to the Messages app for an improved texting experience between iPhones and Android devices. The update is also expected to introduce a more...
Top Rated Comments
Also, I'm sure there's some subtle irony in using CNN in their graphic...
Why? It doesn't protect from lookalike domains. Everyone can setup a lookalike domain like "macrumrs.com" and setup BIMI on that, put the MR logo. SPF, DKIM, DMARC... all of that will pass with flying colors. S/MIME signing has the same issue.
As for BIMI: We don't need any further protection from fake "FROM:" emails. Spoofed emails end up in the junk anyway thanks to SPF and possibly DKIM.
All of this nonsense could be eliminated when the sending server simply signs the emails using a (manually) validated cert for the sending domain.
However, there are to many backward people that think that, before touching the core of the mail-server they rather build another system around it. For example, Microsoft doesn't even support DKIM on Microsoft Exchange Server.