Skip to content
Tallyfy

BIMI compliance

Tallyfy uses BIMI to display a verified logo next to emails sent from tallyfy.com. If you see the Tallyfy logo in your inbox, that email is genuinely from us. No logo? Don’t trust it.

How does BIMI authentication work?

BIMI checks multiple forms of identity before showing our logo next to a message. Here’s how it works:

  1. Email authentication (SPF, DKIM, DMARC1): Three layers of authentication prove that emails from tallyfy.com actually come from Tallyfy’s servers.

  2. Strict DMARC policy: Tallyfy tells email providers: “If an email claims it’s from us but fails our checks, reject it.” Scammers can’t pretend to be Tallyfy - their fake emails get blocked before reaching you.

  3. BIMI DNS record: A special DNS record points email providers to our official logo file. This is how providers know which logo to display.

  4. Verified Mark Certificate (VMC2): Tallyfy holds a VMC that cryptographically proves ownership of the logo. Only verified organizations obtain these certificates.

  5. Logo display: When Gmail or Outlook receives an email from tallyfy.com, it runs through all these checks. Pass every one? The logo appears. Fail any? No logo.

What security benefits does BIMI give you?

  • Instant trust signal: See the Tallyfy logo? It’s really us. No logo on an email claiming to be from Tallyfy? Delete it.
  • Faster recognition: The Tallyfy logo makes our emails stand out in a crowded inbox, so you can spot them quickly.
  • Phishing resistance: Over time, you’ll instinctively expect the logo on legitimate Tallyfy emails - making fakes obvious.

How does BIMI protect against cyber threats?

  • Domain spoofing prevention: Someone sends a fake “password reset” from a spoofed tallyfy.com address. No logo appears, and the email goes to spam.
  • Phishing detection: An urgent “Update your payment method NOW!” email arrives without the Tallyfy logo. That’s your red flag - real Tallyfy emails always show the verified logo.
  • Brand impersonation resistance: Scammers can copy Tallyfy’s website design, but they can’t fake the BIMI certificate. Fraudulent emails are immediately identifiable by the missing logo.

What should I know about custom SMTP settings?

To keep the verified logo on your emails, use Tallyfy’s default email settings.

Email > Set up custom SMTP sending

Tallyfy lets administrators route all workflow notification emails through their own SMTP server so that messages come from the organization’s domain with full control over deliverability and sender reputation while requiring only a host port and credentials to configure and test in one step.

Org Settings > Organization branding

Tallyfy lets admins customize branding by uploading a logo and selecting brand colors while also supporting global CSS for styling content elements like headings and tables though full white-labeling is not possible due to security and compliance constraints tied to the tallyfy.com domain.

Integrations > Email and SMTP

Tallyfy integrates with email through custom SMTP configuration for branded domain-based notifications and a Gmail add-on that lets you launch processes and convert emails into trackable tasks directly from your inbox along with upcoming features for in-email task actions and personal email account connections.

Support > Not receiving emails?

If Tallyfy emails are not arriving you can fix it by checking spam folders and notification settings and having your IT team allowlist the tallyfy.com domain while also using diagnostic tools like message trace and mail-tester.com to identify authentication or filtering issues especially in Microsoft email systems which often require specific admin-level adjustments to ensure delivery.

Footnotes

  1. Email authentication protocols that verify sender identity and message integrity

  2. Verified Mark Certificate issued by certificate authorities to validate logo ownership

Get in touch
About Tallyfy