BIMI is a bad idea. Any icons for origin domains should be
selected by the receiving user, and then ongoing authenticated
messages from the same domain will get the user's selected
icon. A suggested icon could be included in the message
by the sending MUA.
Having MTAs making trust judgements on user-interface security
signals is poor design.