Introducing the ‘One Click Unsubscribe’ to InboxSys
What is it?
First we must understand how this come about. This all started with the List-Unsubscribe header as defined in RFC2369
The List-Unsubscribe header
Building on from your standard unsubscribe link on the top and/or bottom of your emails, the List-Unsubscribe field is a command in the header of your email. This is to used to help a recipient to unsubscribe easier and for that data to be fed back directly to the Email Service Provider and to the list owner with the vision to make the unsubscription process as simple and efficient as possible.
List Unsubscribe header in action:
This avoids the common issue recipients have whereby the unsubscribe link is somewhat hidden. This makes it a more prominent option, in ISPs that support this.
Which ISPs support this functionality
ISPs such as Gmail, Verizon Group, Microsoft Outlook + more
The List-unsubscribe worked well, this in itself made it easier for recipients to unsubscribe and prevented some complaints and emails marked as spam. Although this solved many issues and worked as a great function to help list members, email marketers, Email Services Providers (ESPs) and Internet Service Providers (ISPs) a like, it didn’t solve all of them.
One issue that arose from this was that filter technology scanning links of all emails (Using GET) to check if they are malicious links or not meant that it could be possible for a member to be unsubscribed without wishing to do so.
One Click Unsubscribe:
That’s when One Click Unsubscribe was introduced as a measure against this false positive. Read more here RFC8058
Co Authored by John Levine & Tobias Herkula.
How does it work?
This builds upon the List-Unsubscribe header. This feature eradicates the risk that a recipient is unsubscribed without requesting to, by the filter technologies that scan them.
Example One Click Unsubscribe:
This extra step means that when a filter opens or scans the URL link the recipient is not unsubscribed directly per se.
This requires a final step of validation in the form of a button to confirm to unsubscribe from the mailing list.
However performing a POST Request on the URI, sending the key/value pair from the List-Unsubscribe-Post header will cause the unsubscribe without a need of interaction.
One-click unsubscribe uses an https POST action rather than the simpler GET. The POST action is intended for actions to change something, as opposed to GET which is supposed to just retrieve data. Anti-spam filters and malware checkers use GETs, not POSTs.
This Example results e.g. in an POST request like this:
HTTP/1.1 Host: example.com
Content-Length: 26 List-Unsubscribe=One-Click
Who needs to implement what?
Senders who include the new List-Unsubscribe=One-Click need to ensure that the landing page that handles this request is able to process the POST request. ISPs need to take into account the List-Unsubscribe-Post: List-Unsubscribe=One-Click function to ensure that this is not processed automatically by their checks or their filters.
Why should you care?
Any way we can make it easier for a recipient who wants to unsubscribe the better. This could help reduce the chance that a) they receive unwanted mail b) reduce risk of complaints and emails marked as spam. In addition with this new field, this reduces the false positives that previously existed.
What have InboxSys done about it?
We have added a visual on the feedback. Example of no List-Unsubscribe One click:
Example of a correctly configured One click unsubscribe:
For further reading please read the whitepaper by the CSA
*examples used in this post are from this link.
Any questions regarding this topic or for assistance in setting this function up please get in touch. We’d be happy to help.