One-click-unsubscribe

Hi Michel,

Definitely a good question, and one that has been of particular interest industry wide ahead of Gmail and Yahoo’s upcoming requirements.  I’ll break my response up into three parts to address each aspect of List-Unsubscribe, Google/Yahoo requirements, and what one-click unsubscribe really means from a CAN-SPAM perspective.

One-click Unsubscribe from a CAN-SPAM (§ 316.5) perspective

One click unsubscribe is probably one of the most incorrectly named best practices in the industry, and the core reason for this is that one-click unsubscribe essentially allows for two-click unsubscribe.  The true spirit of the legislation is that senders cannot impose unreasonable additional steps when a person wants to unsubscribe from an email via the unsubscribe link provided within the email body.  The best way to describe this is with a few of examples.

Example One (Satisfies one-click unsubscribe)

A recipient clicks on the unsubscribe link and is brought to a subscription center page.  The recipient clicks a button that allows them to unsubscribe from all communications and that request is honored in timely fashion.

Example Two (Does not satisfy onc-click unsubscribe)

A recipient clicks on the unsubscribe link and is then prompted to log-in before being brought to the unsubscribe page.

Example Three (Does not satisfy one-click unsubscribe)

A recipient clicks the unsubscribe link and is brought to your subscription center where they are not offered a global unsubscribe option, but instead must select multiple toggles to manually unsubscribe from individual topics.

In summary, one-click unsubscribe really informs what happens after a recipient clicks your unsubscribe button.

List-Unsubscribe / Email client unsubscribe buttons

Some email clients (particularly Yahoo and Google) will sometimes surface a client-side link that inbox users can click to unsubscribe from an email.  This link is informed by the contents of the list unsubscribe header.  The traditional List-Unsubscribe header generally includes an email address and a URL to receive the unsubscribe request.  The inbox provider will either send an automated email to the email address listed or, direct the recipient to the URL that the sender provides (usually a link to the unsubscribe center).   

Its important to note that this unsubscribe button will not automatically surface even if a List-Unsubscribe header is present and populated.  Gmail specifically will only surface this unsubscribe link if their system is confident that the unsubscribe will be honored, so sender reputation is a big factor in whether or not this link is made available.

Google and Yahoo 2024 One-click unsubscribe requirements (RFC 8058)

Offering an unsubscribe option is not only a best practice to give your subscribers the ability to opt-out of your messages but is also a requirement with Google and Yahoo’s new Bulk Sender 2024 Requirements. These new guidelines require the successful implementation of RFC 8058 List-unsubscribe-post.

Purpose: RFC 8058 defines the "List-Unsubscribe-Post" header field for email messages. This header is used to provide a way for recipients to easily unsubscribe from mailing lists, particularly through a one-click mechanism.

Key Features:

• Supports true one-click unsubscribe.
• Provides options for both email-based and web-based unsubscribe methods.
• Enhances user experience by simplifying the unsubscribe process.

If you are utilizing our default unsubscribe functionality, no further action needs to be taken and RFC 8058/List-Unsubscribe-Post has been automatically implemented (as of last week).

How do I implement RFC 8058 for my custom unsubscribe solution?

Because your custom unsubscribe system is unique to your organization, and the consumption and processing of the required HTTPS POST exists within your own system, our Technical Support and Deliverability teams are unable to advise in detail. But we are happy to provide the following general guidance below:

Step 1: Configure your system to receive the POST when “Unsubscribe” is clicked

The core idea behind RFC 8058 is to create a header that defines the provider-surfaced link within the Gmail and Yahoo email clients. Note that even if you implement RFC 8058, the link may not always appear, Google and Yahoo will surface the link at their discretion.

Per the RFC 8058 documentation, your List-Unsubscribe-Post header:

• Should contain a unique HTTPS URI POST
• Should point to an endpoint that is configured to receive the POST and process the unsubscribe for the recipient (within 48 hours)
• The message must also have a valid DKIM signature that covers at least the List-Unsubscribe and List-Unsubscribe-Post headers

Example below:

Header in Email

List-Unsubscribe:

    <mailto:listrequest@example.com?subject=unsubscribe>,

    <https://example.com/unsubscribe.html?opaque=123456789>

List-Unsubscribe-Post: List-Unsubscribe=One-Click

Resulting POST request

   POST /unsubscribe.html?opaque=123456789 HTTP/1.1

   Host: example.com

   Content-Type: application/x-www-form-urlencoded

   Content-Length: 26

   List-Unsubscribe=One-Click

Step 2: Update the required headers for each email message within Customer.io

Customer.io’s various email editors provide the ability to add Custom Headers - learn about how to add custom headers in our documentation.

Does Customer.io offer assistance with the implementation of RFC 8058?

Because every custom unsubscribe system is unique to an individual business and the consumption and processing of the required HTTPS post request exists within your own system, our support and deliverability teams are unable to advise beyond the information provided in this FAQ.