What is RFC 8058 and what does it have to do with one-click unsubscribe?

Wondering how to stay compliant with Gmail and Yahoo’s new sender requirement to implement one-click unsubscribe? The answer doesn’t lie in the unsubscribe link you’ve probably got in your email body. To stay a trusted sender, you’ll need RFC 8058. Here’s everything you need to know.



Bulk senders have had a lot of questions around what implementing a one-click unsubscribe process means since the requirement was announced by Gmail and Yahoo in October of 2023. If you already have an unsubscribe link in your email footer is this enough? What exactly is required, and how long to senders have to implement this requirement?

What is RFC 8058?

RFC 8058 was first introduced in 2017 as a method to support Signaling One-Click Functionality for List-Unsubscribe Email Header Fields. This means that instead of message recipients scrolling to the footer of an email to follow an unsubscribe link and process manually, they can unsubscribe directly from a mailbox UI, if that mailbox provider supports RFC 8058.

How RFC 8058 works under the hood

RFC 8058 establishes a standardized way for email senders to indicate that their unsubscribe process is truly one-click. When an email sender implements RFC 8058, they include a specific header field in their emails called a List-Unsubscribe-Post header This header field contains a URL that, when clicked, triggers the unsubscribe process on the sender's server.

The email provider (e.g., Gmail, Yahoo) recognizes the "List-Unsubscribe-Post" header and presents the unsubscribe link to the recipient in a clear and prominent way.

Even with the one-click unsubscribe requirement, senders still have the option to return a landing page, but it can’t quite follow the familiar process of a preference page. Senders can return landing pages using a HTTPS URI that contains the necessary information to identify the recipient and list they wish to unsubscribe from, completing the unsubscribe request automatically with no further action required from the user.

Here’s an example of one-click unsubscribe process that returns a landing page:

A user unsubscribes via the one-click unsubscribe option. Then the user is directed to a page like a preference center. Through the redirect, the user is instantly unsubscribed with no further action needed. In this case the preference center serves as a confirmation page with an option to resubscribe if the action was unintended.

Successful unsubscribe message from Google

In other words, to be valid, one-click unsubscribe under RFC 8058 must include a HTTPS URI in the list unsubscribe header, but mailto is optional. What does this mean?

  • HTTPS URI in the List-Unsubscribe header: This means that to be compliant with RFC 8058, the sent email must include at least one HTTPS URI in the List-Unsubscribe header. This URI is the unsubscribe link.

  • Mailto: The Mailto URI is a way to create and send an email to the provided recipient, requesting an unsubscribe action be taken.

If your current list-unsubscribe link requires a secondary action within a preference center, you will need to adjust to remove all secondary click-action processes to be compliant with the requirement per the RFC. A preference center can still be linked elsewhere in the email, or on the unsubscribe confirmation page, to provide further subscription management options.

Not all mailbox providers currently recognize List-Unsubscribe-Post headers, Microsoft is one current example. However, with Gmail and Yahoo enforcing one-click unsubscribe as a bulk sender requirement, it’s likely that we will see wider adoption. Learn more about what’s in store for email in 2024.

How long do senders have to implement one-click unsubscribe?

Other than how do I implement one-click unsubscribe (which we’ll walk you through next), the other most asked question from senders is how long do I have to implement one-click unsubscribe? June 1, 2024 looks to be the official date for Google but we recommend implementing RFC 8058 sooner rather than later since the requirements are being slowly rolled out between February and June when they become fully enforced.

“Bulk senders have until June 1 to implement one-click unsubscribe on the Google front in all of your commercial and promotional messages.”

Anu Yamunan, Director of Product for Anti-Abuse & Safety at Google

What else do senders need to know about the one-click unsubscribe requirement?

Senders will have 48 hours to honor unsubscribe requests to meet the requirement. This is true for both Gmail and Yahoo. Once you have implemented RFC 8058, the process is this:

  • The user clicks on the unsubscribe link via the mailbox providers UI.

  • The ISP completes the unsubscribe process.

  • The sender is responsible for processing the unsubscribe data to update their email list within 48 hours.

One-click unsubscribe is only required for promotional and commercial messaging, not for transactional messaging. This means that all your triggered password reset emails, shipping confirmations, reminders, etc. are not held to this requirement. We bet you’re thinking, but how do Gmail and Yahoo know which messages are transactional and which are promotional?

How do Gmail and Yahoo tell the difference between promotional and transactional messages? At a high level it varies based on the industry and the applicable regulations but ultimately, it’s the message recipients that determine the nature of the messages they receive. If you want to reduce high spam rates, give users an easy way to unsubscribe from marketing and promotional messages. Always keep the user in mind when you are deciding on your communications. The user is the one deciding if something is promotional or not.

Recipient behavior plays a major role in how emails are positioned in the inbox, whether they go to spam and how future emails from a sender are treated. While we may never know the inner workings of mailbox giants like Gmail and Yahoo, there are best practices that are proven to help.

At Sinch Mailgun, we recommend that you separate the reputations between your promotional and transactional messaging by using different subdomains. So transactional messages may come from while promotional come from

Learn more about the sender requirements and get an in-depth breakdown from Marcel Becker, Sr. Director of Product at Yahoo. We sat down with Marcel in our podcast Email’s Not Dead, get the recap here.

What do senders need to do to enable one-click unsubscribe if they are self-managing?

If you manage your own email program, or even just your unsubscribes, you will have to manually implement a one-click unsubscribe process.

  1. Senders must include one List-Unsubscribe header field and one List-Unsubscribe-Post header field in their message.

  2. The List-Unsubscribe header field must contain one HTTPS URI.

  3. The List-Unsubscribe-Post header must contain the value “List-Unsubscribe=One-Click”.

  4. The message must have a valid DKIM signature to cover the List-Unsubscribe, and List-Unsubscribe-Post headers.

  5. The URI must include sufficient information to identify the mail recipient and the list from which they are to be removed.

  6. The post request must not include cookies, HTTP auth, or any other identifying data that might link the unsubscribe action to any previous web activity.

For a full breakdown of the technical and data requirements of RFC 8058, view this tool from

What do Sinch Mailgun senders need to do to enable one-click unsubscribe?

For Sinch Mailgun users, we automatically insert the necessary headers.

Sinch Mailgun offers automated unsubscribe handling in which we insert one-click unsubscribe links into the footer of your emails that automatically process the unsubscribe requests of any recipients who choose to unsubscribe from your mailings.

Two email headers are key to facilitating one-click unsubscribes:

  • List-Unsubscribe

  • List-Unsubscribe-Post

To use Mailgun’s unsubscribe handling, you can enable it in Mailgun's Control Panel at the Domain-level, which adds the unsubscribe footer to all emails that are sent through that domain. You can also enable with Sinch Mailgun's APIs at the Email-level, which adds the unsubscribe footer selectively per email that is sent through that domain.

Check out our guide for unsubscribe handling and links for the step-by-step process.

How RFC 8058 benefits both email senders and recipients

The convenience of one-click unsubscribe mechanisms like RFC 8058 benefits both email recipients and senders by promoting streamlined, user-friendly experiences that enhance email engagement and compliance with unsubscribe requests.

For senders

By offering a true one-click unsubscribe option, senders can improve their sender reputation, reduce spam complaints, and potentially improve deliverability.


For one-click unsubscribe the RFC you need to follow is RFC 8058. From a benefit perspective, letting people opt out of messages can improve your open rates, click through rates, and your sending efficiency.


Anu Yamunan, Director of Product for Anti-Abuse & Safety at Google

For recipients

Unsubscribing becomes a hassle-free experience, reducing frustration and improving overall email satisfaction while making the unsubscribe process as simple as the process to send an email to spam.

“We want users to unsubscribe to messages they don’t want; we don’t want them to mark them as spam and hurt the reputation of the sender. We have seen by implementing this unsubscribe affordance in the UI that spam marks go down and in some cases are being reduced by 30 to 40%.”

Marcel Becker, Sr. Director of Product Management at Yahoo

The Future of Unsubscribes

While RFC 8058 is not universally mandatory, it is becoming increasingly adopted by major email providers like Gmail and Yahoo, and marketing automation platforms. Some email clients, like Gmail, even visually distinguish RFC 8058-compliant unsubscribe links for better user awareness.

RFC 8058 represents a significant step forward in simplifying the unsubscribe process for email. As more senders adopt this standard, email communication can become more respectful of recipients' time and preferences, fostering a more positive overall email experience.

Need help understanding sender requirements? Check out our resource page which provides resources for each of the requirements, and check out our on-demand fireside chat with Gmail and Yahoo to hear the answers straight from these mailbox providers.

On-demand webinar

Are you prepared for Google and Yahoo's new sender requirements?

View our fireside chat with Marcel Becker, Senior Director of Product at Yahoo, Anu Yamunan, Director of Product for Anti-Abuse & Safety at Google, and Kate Nowrouzi, Vice President of Deliverability at Sinch Mailgun, as we explore the new requirements for bulk email senders.

Related readings

The DMARC perspective: Protecting your sending in the age of stricter enforcement

The world of email is undergoing a significant shift. With Google and Yahoo recently increasing enforcement on DMARC, many organizations are having to implement DMARC...

Read more

Understanding the Gmail and Yahoo sender requirements: Takeaways from our fireside chat with Gmail and Yahoo

The inbox requirements for bulk senders announced by Google and Yahoo in October 2023 have shot through the community like panic up a spine. As with any big announcement it...

Read more

Understanding Yahoo sender requirements: Insights from Yahoo’s Marcel Becker

Marcel Becker, Sr. Director of Product Management at Yahoo, joined our podcast, Email’s Not Dead, to share his insights on the Yahoo inbox requirements and shed light on why...

Read more

Popular posts

Email inbox.

Build Laravel 10 email authentication with Mailgun and Digital Ocean

When it was first released, Laravel version 5.7 added a new capability to verify user’s emails. If you’ve ever run php artisan make:auth within a Laravel app you’ll know the...

Read more

Mailgun statistics.

Sending email using the Mailgun PHP API

It’s been a while since the Mailgun PHP SDK came around, and we’ve seen lots of changes: new functionalities, new integrations built on top, new API endpoints…yet the core of PHP...

Read more

Statistics on deliverability.

Here’s everything you need to know about DNS blocklists

The word “blocklist” can almost seem like something out of a movie – a little dramatic, silly, and a little unreal. Unfortunately, in the real world, blocklists are definitely something you...

Read more

See what you can accomplish with the world's best email delivery platform. It's easy to get started.Let's get sending
CTA icon