Why does my header.from differ from my message from, and what is the correct setup for one-click unsubscribe?

Key findings

• Multiple 'from' headers: Emails contain more than one 'from' field, including the visible From: header (Header From) and the Return-Path (Mail From), which is used for bounces and SPF authentication. These are often different domains, which is not inherently problematic.
• Alignment is key: For DMARC and modern sender requirements, either SPF or DKIM must align with the From: header. This means the domain used in the Return-Path (for SPF) or the d= tag in the DKIM signature must match the From: domain. Learn more about DMARC, SPF, and DKIM alignment.
• Strict vs. relaxed alignment: Strict alignment requires an exact match between domains, while relaxed alignment allows for subdomain matches. For example, if enews.mydomain.com is the From: domain and mydomain.com is the SPF domain, this is relaxed alignment. Many ESPs may not typically configure for relaxed DKIM alignment.
• One-click unsubscribe mandate: Google and Yahoo now require one-click unsubscribe functionality via the List-Unsubscribe header, specifically List-Unsubscribe-Post: List-Unsubscribe=One-Click. This greatly improves user experience and can impact your sender reputation. More details can be found in RFC 8058 on one-click unsubscribe.
• SSL for unsubscribe links: A common reason for one-click unsubscribe failures is the use of HTTP instead of HTTPS for the unsubscribe link. SSL (HTTPS) is a requirement for a compliant one-click unsubscribe.

Key considerations

• Verify SPF and DKIM alignment: Use third-party tools to confirm that either SPF or DKIM aligns with your visible From: domain. This is crucial for DMARC validation and inbox placement. Be aware that Google Postmaster Tools (GPT) can sometimes display misleading alignment warnings.
• Ensure one-click unsubscribe implementation: Confirm that your Email Service Provider (ESP) or sending platform correctly implements the List-Unsubscribe and List-Unsubscribe-Post headers. This helps maintain a healthy sending reputation and avoids spam folder placement. You can learn how to verify List-Unsubscribe headers.
• Secure your unsubscribe links: Always use HTTPS for your one-click unsubscribe links. An HTTP link will cause the one-click unsubscribe to fail compliance checks.
• Monitor deliverability: Even with correct technical setup, ongoing monitoring of your deliverability metrics and domain reputation is essential to identify and address any potential issues. If emails are still going to spam, reputation might be the underlying cause.

Key opinions

• Header confusion: Marketers frequently mix up the different 'from' addresses, such as the visible From: and the Return-Path, leading to confusion about alignment issues.
• One-click unsubscribe importance: There's widespread acknowledgment that one-click unsubscribe is now a critical requirement for deliverability, especially with new regulations from major ISPs. This helps maintain domain reputation.
• Troubleshooting tools: Marketers actively seek and use third-party tools to diagnose email header and compliance issues, often finding them more reliable than built-in platform diagnostics. Our email deliverability tester can assist with this.
• SSL for links: Many marketers are surprised to learn that SSL (HTTPS) is a mandatory requirement for compliant one-click unsubscribe links, and often overlook this detail in their setup.

Key considerations

• ESP configuration: The responsibility for correct header setup and one-click unsubscribe often lies with the Email Service Provider (ESP), though older client accounts may require manual updates for SSL.
• Ongoing compliance checks: Regular checks of email headers are necessary to ensure ongoing compliance with evolving ISP requirements and to prevent issues like the Gmail unsubscribe header visibility issue.
• Impact on deliverability: Failure to correctly implement one-click unsubscribe can lead to emails landing in spam folders or being blocklisted, directly affecting campaign performance. Learn more about the impact of blacklists.
• User experience: Providing an easy unsubscribe option improves subscriber satisfaction and reduces spam complaints, even if it results in list shrinkage.

Key opinions

• Multiple 'from' fields: Experts confirm that emails indeed have multiple 'from' headers, including the Return-Path (also known as the MFROM or SPF domain) and the From: header (visible to recipients).
• DMARC alignment rules: For DMARC to pass, either SPF or DKIM must align with the From: domain. Both do not need to align simultaneously.
• Google Postmaster Tools warnings: The Google Postmaster Tools dashboard can be buggy and may sometimes display incorrect alignment or compliance warnings. It's advisable to cross-verify with reliable third-party testing tools to check email headers and compliance.
• Subdomain inheritance: If a DMARC record is published at the top-level domain (apex or organizational domain), sending subdomains typically inherit its policy. ISPs will check the topmost level if no DMARC is explicitly published for the subdomain.
• RFC 8058 compliance: Compliance with RFC 8058, which specifies the one-click unsubscribe mechanism, is crucial. This includes ensuring that the unsubscribe link uses HTTPS.

Key considerations

• DKIM alignment detail: DKIM alignment means the d= domain in the DKIM header should match the From: domain. This can be strict or relaxed alignment.
• Reputation vs. configuration: If SPF and DKIM alignment are correct, deliverability issues may stem more from sender reputation than from misconfiguration. Consistent sending practices and monitoring domain reputation are then crucial.
• HTTPS requirement: The unsubscribe link within the List-Unsubscribe header must use HTTPS to be considered compliant by major mailbox providers. An HTTP link will cause the one-click unsubscribe to fail.
• Vendor capabilities: Senders should verify that their ESP supports and correctly implements one-click unsubscribe, especially for older accounts, which might not have SSL enabled by default on unsubscribe links.

Key findings

• RFC 5322 defines the "From:" header as the author of the message, which is typically what users see in their inbox.
• RFC 5321 specifies the "Mail From" (or Return-Path) address, used for SPF authentication and bounce handling. It often differs from the From: header.
• DMARC alignment: DMARC requires that either the SPF domain (Mail From) or the DKIM signing domain (d= tag) align with the From: domain. This alignment can be strict (exact match) or relaxed (subdomain match).
• RFC 8058 for one-click unsubscribe: This RFC outlines the standard for one-click unsubscribe, primarily through the List-Unsubscribe-Post: List-Unsubscribe=One-Click header. This mechanism allows email clients to display an unsubscribe button directly, rather than requiring the user to click a link in the email body.
• HTTPS requirement: For compliant one-click unsubscribe, the provided unsubscribe URL in the List-Unsubscribe header must be an HTTPS URL. HTTP links will not meet the requirements.

Key considerations

• Compliance with ISP mandates: Mailbox providers like Google and Yahoo now enforce one-click unsubscribe. Failure to comply can lead to increased spam complaints and reduced inbox placement. Understanding Gmail's automated unsubscribe feature is crucial.
• Header integrity: The DKIM signature should ideally cover the List-Unsubscribe headers to prevent tampering and ensure trust.
• Consistency across platforms: Senders using multiple platforms or older ESP configurations must ensure consistent implementation of these header requirements. This can involve updating SSL certificates for unsubscribe domains or configuring custom domains properly.
• Impact on sender reputation: Providing an easy unsubscribe option reduces user frustration and decreases the likelihood of recipients marking emails as spam, which positively impacts sender reputation and avoids email blacklisting.