Gmail to Start Testing Brand Logo Validation System for Emails
Google this week announced several new security features for its G Suite services, and the most notable for Gmail users is a pilot of an email specification that allows brand logos to display within authenticated emails.
Brand Indications for Message Identification (BIMI) is developed by the AuthIndicators Working Group, and requires emails to pass Google's anti-abuse validation, after which it brands the incoming message with a logo of the company that sent it.
Our BIMI pilot will enable organizations, who authenticate their emails using DMARC, to validate ownership of their corporate logos and securely transmit them to Google. Once these authenticated emails pass all of our other anti-abuse checks, Gmail will start displaying the logo in existing avatar slots in the Gmail UI.
By authenticating messages using the existing DMARC system and requiring strong authentication, the spec aims to give users and email security systems increased confidence in the source of emails while creating a trusted brand presence.
Google says it will be starting the BIMI pilot in the coming weeks with a limited number of senders. To learn more about BIMI, you can visit the working group's website.
Popular Stories
Apple has announced it will be holding a special event on Tuesday, May 7 at 7 a.m. Pacific Time (10 a.m. Eastern Time), with a live stream to be available on Apple.com and on YouTube as usual. The event invitation has a tagline of "Let Loose" and shows an artistic render of an Apple Pencil, suggesting that iPads will be a focus of the event. Subscribe to the MacRumors YouTube channel for more ...
Apple today released several open source large language models (LLMs) that are designed to run on-device rather than through cloud servers. Called OpenELM (Open-source Efficient Language Models), the LLMs are available on the Hugging Face Hub, a community for sharing AI code. As outlined in a white paper [PDF], there are eight total OpenELM models, four of which were pre-trained using the...
Apple has dropped the number of Vision Pro units that it plans to ship in 2024, going from an expected 700 to 800k units to just 400k to 450k units, according to Apple analyst Ming-Chi Kuo. Orders have been scaled back before the Vision Pro has launched in markets outside of the United States, which Kuo says is a sign that demand in the U.S. has "fallen sharply beyond expectations." As a...
Apple is finally planning a Calculator app for the iPad, over 14 years after launching the device, according to a source familiar with the matter. iPadOS 18 will include a built-in Calculator app for all iPad models that are compatible with the software update, which is expected to be unveiled during the opening keynote of Apple's annual developers conference WWDC on June 10. AppleInsider...
Apple is set to unveil iOS 18 during its WWDC keynote on June 10, so the software update is a little over six weeks away from being announced. Below, we recap rumored features and changes planned for the iPhone with iOS 18. iOS 18 will reportedly be the "biggest" update in the iPhone's history, with new ChatGPT-inspired generative AI features, a more customizable Home Screen, and much more....
Top Rated Comments
Also, I'm sure there's some subtle irony in using CNN in their graphic...
Why? It doesn't protect from lookalike domains. Everyone can setup a lookalike domain like "macrumrs.com" and setup BIMI on that, put the MR logo. SPF, DKIM, DMARC... all of that will pass with flying colors. S/MIME signing has the same issue.
As for BIMI: We don't need any further protection from fake "FROM:" emails. Spoofed emails end up in the junk anyway thanks to SPF and possibly DKIM.
All of this nonsense could be eliminated when the sending server simply signs the emails using a (manually) validated cert for the sending domain.
However, there are to many backward people that think that, before touching the core of the mail-server they rather build another system around it. For example, Microsoft doesn't even support DKIM on Microsoft Exchange Server.