Should I include List-Unsubscribe headers in transactional emails and what are the DKIM best practices?

Summary

The general consensus is that including List-Unsubscribe headers in transactional emails is highly recommended, primarily to reduce spam complaints, improve deliverability, and comply with regulations like GDPR and CAN-SPAM. This provides recipients with an easy opt-out method, improving user experience and protecting sender reputation. Best practices for DKIM include proper setup with key pair generation and DNS record creation, using a minimum key size of 2048 bits for security, rotating DKIM keys regularly, ensuring DKIM alignment for DMARC compliance, and handling potential issues with long DKIM records by using TXT record concatenation. The choice between mailto: and HTTP URLs for the List-Unsubscribe header depends on the desired processing speed, with HTTP generally offering faster unsubscription.

Key findings

  • List-Unsubscribe Benefits: Including List-Unsubscribe headers in transactional emails significantly reduces spam complaints and improves overall deliverability by providing a straightforward opt-out mechanism.
  • DKIM Improves Authentication: DKIM helps in authenticating the sender's identity, increasing trust with email service providers, and reducing the chances of emails being marked as spam.
  • DKIM Key Rotation: Regularly rotating DKIM keys is crucial for maintaining security and minimizing the risk of key compromise.
  • DKIM Alignment for DMARC: DKIM alignment is essential for passing DMARC authentication, requiring the d= domain in the DKIM signature to match the domain in the From header.
  • Key Size: Using a DKIM Key size of at least 2048 bits for improved security

Key considerations

  • Regulatory Compliance: List-Unsubscribe headers aid in compliance with email marketing regulations like GDPR and CAN-SPAM.
  • User Experience Optimization: Offering an unsubscribe option, even for transactional emails, enhances user experience, especially if the recipient didn't request those emails.
  • TXT Record Length Limitations: If DKIM records exceed the character limit, use TXT records that support string concatenation in DNS to ensure validity.
  • Unsubscription Policy Implementation: Develop a clear and practical policy for managing unsubscription requests from transactional emails, such as suppressing marketing and less-critical communications.
  • HTTP vs. Mailto URLs: Carefully consider the implementation of the List-Unsubscribe header (HTTP vs. mailto), evaluating the speed with which unsubscribe requests are handled.
  • DKIM Selector best practice: Selecting an appropriate DKIM selector and ensuing DNS validation

What email marketers say
11Marketer opinions

The consensus is that including List-Unsubscribe headers in transactional emails is a good practice, particularly for compliance with regulations and to reduce spam complaints. It provides recipients with an easy way to opt-out, enhancing user experience and protecting sender reputation. For DKIM, it's essential to set it up correctly, regularly rotate keys, ensure DKIM alignment for DMARC compliance, and handle long DKIM records properly.

Key opinions

  • List-Unsubscribe Benefit: Including List-Unsubscribe headers in transactional emails reduces spam complaints and improves deliverability by providing recipients with a straightforward opt-out method.
  • DKIM Improves Deliverability: DKIM helps improve email deliverability by authenticating the sender's identity, reducing the likelihood of emails being marked as spam.
  • DKIM Key Rotation: Regularly rotating DKIM keys is a recommended best practice to mitigate the risk of key compromise.
  • DKIM Alignment: DKIM alignment is crucial for passing DMARC authentication; the d= domain in the DKIM signature must match the domain in the From header.

Key considerations

  • Compliance: List-Unsubscribe headers aid in compliance with email marketing regulations like GDPR and CAN-SPAM.
  • User Experience: Offering an unsubscribe option, even for transactional emails, improves user experience, especially if recipients did not request the emails.
  • TXT Record Length: When DKIM records are too long, use TXT records that support string concatenation in DNS to ensure the entire record is valid.
  • Spam Complaints: Allowing users to unsubscribe from all message types can reduce spam complaints, protecting sender reputation.
Marketer view

Email marketer from SendGrid advises that a best practice for DKIM is to regularly rotate DKIM keys. This involves generating new keys and updating your DNS records periodically to reduce the risk of key compromise.

February 2023 - SendGrid
Marketer view

Marketer from Email Geeks sees no downside to allowing people to opt out from any message they could potentially report as spam.

March 2025 - Email Geeks
Marketer view

Email marketer from GlockApps explains that DKIM helps to improve email deliverability by authenticating the sender's identity. Implementing DKIM reduces the chances of emails being marked as spam and increases trust with email service providers.

October 2024 - GlockApps
Marketer view

Email marketer from Postmark notes that longer DKIM records might exceed the 255 character limit, and suggests using a TXT record that supports string concatenation in DNS. It's essential for the complete DKIM record to be valid.

November 2023 - Postmark
Marketer view

Marketer from Email Geeks suggests allowing users to unsubscribe even from transactional emails if they didn't request them, as complaints are worse for reputation than unsubscribes, also mentioning a 'this isn't me' option.

February 2024 - Email Geeks
Marketer view

Email marketer from Email Marketing Forum explains that DKIM alignment is crucial for passing DMARC authentication. The d= domain in the DKIM signature must match the domain in the From header of the email.

March 2024 - Email Marketing Forum
Marketer view

Email marketer from Campaign Monitor recommends providing an option to unsubscribe even from transactional emails, especially if recipients did not request them. This improves user experience and protects sender reputation.

May 2021 - Campaign Monitor
Marketer view

Marketer from Email Geeks recommends including the list-unsubscribe header, especially for opted-in emails, to provide an easy way for recipients to opt out. He refers to Google's FAQs about it.

March 2024 - Email Geeks
Marketer view

Email marketer from Litmus shares that the List-Unsubscribe header provides an easy way for recipients to remove themselves from an email list, reducing spam complaints and improving deliverability. This header benefits both senders and recipients by streamlining the unsubscription process.

February 2023 - Litmus
Marketer view

Email marketer from Reddit shares that it's generally a good practice to include List-Unsubscribe headers in transactional emails as well. This gives users an easy way to opt-out if they no longer want to receive those emails, such as in cases where they didn't initiate the transaction.

October 2024 - Reddit
Marketer view

Email marketer from Mailjet explains that including a List-Unsubscribe header is crucial for compliance with email marketing regulations like GDPR and CAN-SPAM. It allows recipients to easily opt-out of receiving emails, reducing the likelihood of spam complaints and improving sender reputation.

February 2022 - Mailjet

What the experts say
7Expert opinions

Experts generally recommend including List-Unsubscribe headers in transactional emails to reduce spam complaints and improve deliverability. RFC 8058 unsubscription headers are acceptable, but it's crucial to decide how to handle unsubscription requests. A reasonable policy involves suppressing less-critical emails while continuing essential communication. For DKIM, best practices include avoiding the L= tag, considering signature expiration, oversigning key headers, selecting a unique selector, and ensuring DNS validation. Implementation can be done via mailto: or HTTP URLs, with HTTP offering faster processing.

Key opinions

  • List-Unsubscribe in Transactional Emails: Including List-Unsubscribe headers in transactional emails reduces spam complaints and enhances deliverability by providing a simple opt-out option.
  • DKIM Oversigning: Oversigning important headers helps maintain email integrity and authenticity.
  • DKIM Selector: Choosing a unique and unused DKIM selector is vital for DKIM configuration.
  • Unsubscription Policy: Establish a clear policy for handling unsubscription requests from transactional emails, such as suppressing marketing and less-critical communications.

Key considerations

  • HTTP vs. Mailto Unsubscribe: Consider using HTTP URLs for List-Unsubscribe headers for faster processing of unsubscription requests compared to mailto: URLs.
  • DKIM Configuration: Proper DKIM configuration and DNS validation are crucial for successful email authentication.
  • RFC 8058: Implement RFC 8058 unsubscription headers for transactional emails while being prepared to handle the requests appropriately.
  • Header Oversigning: Carefully oversign headers that should appear only once to prevent tampering.
Expert view

Expert from Email Geeks suggests a reasonable policy would be to suppress all marketing and less-critical transactional emails upon receiving an RFC 8058 unsubscribe request for a transactional email, while still sending vital, truly transactional mail.

July 2023 - Email Geeks
Expert view

Expert from Email Geeks shares DKIM best practices, including avoiding the L= tag, considering the X= tag for signature expiration, and oversigning headers that should only appear once like To, Cc, Subject, Date, From, Sender, Reply-To, Bcc, Message-ID, In-Reply-To, and Reference.

January 2025 - Email Geeks
Expert view

Expert from Word to the Wise shares that choosing an appropriate DKIM selector is a key component of your DKIM configuration, and you should use a selector name that you have not previously used. It also details the importance of DNS validation.

January 2024 - Word to the Wise
Expert view

Expert from Spamresource.com explains that the List-Unsubscribe header can be implemented using either a mailto: URL or an HTTP URL. The mailto: version is simpler but can lead to slower processing, while the HTTP version allows for immediate unsubscription.

April 2021 - Spamresource.com
Expert view

Expert from Email Geeks suggests that having RFC 8058 unsubscription headers for transactional mail is not a bad thing but advises deciding what to do with those unsubscription requests before setting them up.

August 2023 - Email Geeks
Expert view

Expert from Spamresource.com explains that including a List-Unsubscribe header is important because it allows recipients to easily opt-out of receiving emails, reducing the likelihood of spam complaints. This can lead to better deliverability.

October 2023 - Spamresource.com
Expert view

Expert from Email Geeks suggests reframing the question as marketing versus transactional and recommends including the list-unsubscribe header, even on transactional emails.

January 2022 - Email Geeks

What the documentation says
5Technical articles

Technical documentation emphasizes the importance of correct syntax for List-Unsubscribe headers, using either mailto: or HTTP URLs. DKIM setup involves generating a public/private key pair and adding a DNS record. A minimum DKIM key size of 2048 bits is recommended for security. SPF and DKIM should be used together to improve deliverability. Microsoft 365 provides specific steps for DKIM setup in custom domains.

Key findings

  • List-Unsubscribe Syntax: List-Unsubscribe headers must contain either a mailto: or HTTP URL for recipients to unsubscribe.
  • DKIM Setup Process: DKIM setup requires generating a public/private key pair and adding a DKIM record to your DNS.
  • DKIM Key Size: Using a DKIM key size of at least 2048 bits is essential for improved security.
  • SPF and DKIM Synergy: SPF and DKIM work together to authenticate sending servers and email content, improving deliverability.

Key considerations

  • Implementation Efficiency: Correctly implementing List-Unsubscribe headers ensures efficient processing of unsubscription requests.
  • DNS Configuration: Proper DNS configuration is crucial for both DKIM and SPF to function correctly.
  • Security: Strong DKIM key sizes are necessary to protect against vulnerabilities and maintain security standards.
  • Microsoft 365 DKIM: Follow Microsoft's specific steps for setting up DKIM in Microsoft 365 custom domains.
Technical article

Documentation from OpenDKIM recommends using a DKIM key size of at least 2048 bits for improved security. Smaller key sizes are more vulnerable to attacks and may not be considered secure by some email providers.

May 2024 - OpenDKIM
Technical article

Documentation from RFC Editor details the proper syntax for the List-Unsubscribe header, specifying that it should contain either a mailto: URL or an HTTP URL that recipients can use to unsubscribe from email lists. Correct implementation ensures that unsubscription requests are processed efficiently.

January 2023 - RFC Editor
Technical article

Documentation from DKIM Wizard explains that DKIM (DomainKeys Identified Mail) setup involves generating a public/private key pair and adding a DKIM record to your DNS. The private key is used to sign outgoing emails, while the public key is used by receiving mail servers to verify the signature.

July 2022 - DKIM Wizard
Technical article

Documentation from AuthSMTP shares that SPF and DKIM work together to improve email deliverability. SPF verifies the sending server, while DKIM verifies the content of the email. Combining these methods helps to ensure that your emails are not flagged as spam.

July 2021 - AuthSMTP
Technical article

Documentation from Microsoft explains the steps to set up DKIM for custom domains in Microsoft 365, including generating the necessary DNS records and enabling DKIM signing. Proper setup ensures email authentication and deliverability.

November 2021 - Microsoft

No related resources found.