Skip to main content

Blue checks for email are a bad idea

Google is adding to Brand Indicators for Message Identification:

Building upon that feature, users will now see a checkmark icon for senders that have adopted BIMI. This will help users identify messages from legitimate senders versus impersonators.

So in other words, Gmail will show a blue checkmark for email domains that have logged a registered trademark, bought a Verified Mark Certificate, and set up DMARC.

I hate this!

Although this method avoids Google itself from being a central authority, it demands that senders (1) have a verifiable registered trademark, (2) pay well over a thousand dollars for a Verified Mark Certificate.

This heavily disadvantages small vendors, sole operators, and anyone who can’t afford to drop a couple of thousand dollars on their email domain. The effect is to create an aura of legitimacy for larger organizations at the expense of individuals and smaller shops. It also heavily advantages certificate vendors, who are already running what amounts to be shakedown scam across the whole internet.

It’s an unequal, annoying policy, made worse by the realization that Gmail is likely to add routing rules that advantage BIMI-enabled messages in the future. Bah, humbug.

· Posts