On Wed, Nov 19, 2025 at 4:05 PM L. Mark Stone via mailop <[email protected]> wrote:
> > BTW, in a recent conversation I had with one of the BIMI Working Group > members, I was told that the primary reason for BIMI was to motivate larger > companies that care about their brand identity (and which send a lot of > email, and which are attractive to bad actors as companies to spoof) to > deploy DMARC faster. > Hell that's no secret; here's the third paragraph of the Introduction section of https://datatracker.ietf.org/doc/html/draft-brand-indicators-for-message-identification : BIMI is designed to be open and to work at Internet scale. BIMI is intended to drive adoption of email authentication best practices by leveraging existing DMARC [RFC7489 <https://www.rfc-editor.org/info/rfc7489>] policies, the supporting authentication methods DKIM [RFC6376 <https://www.rfc-editor.org/info/rfc6376>] and SPF [RFC7208 <https://www.rfc-editor.org/info/rfc7208>], and other associated standards such as ARC [RFC8617 <https://www.rfc-editor.org/info/rfc8617>]. In my opinion, it didn't quite achieve its goals here, which is why you're seeing the large mailbox providers require DMARC/SPF/DKIM for higher volume senders these days. -- Todd
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
