What is RFC 8058 and what does it have to do with one-click unsubscribe?

What is RFC 8058?

RFC 8058 was first introduced in 2017 as a method to support Signaling One-Click Functionality for List-Unsubscribe Email Header Fields. This means that instead of message recipients scrolling to the footer of an email to follow an unsubscribe link and process manually, they can unsubscribe directly from a mailbox UI, if that mailbox provider supports RFC 8058.

How RFC 8058 works under the hood

RFC 8058 establishes a standardized way for email senders to indicate that their unsubscribe process is truly one-click. When an email sender implements RFC 8058, they include a specific header field in their emails called a List-Unsubscribe-Post header This header field contains a URL that, when clicked, triggers the unsubscribe process on the sender's server.

The email provider (e.g., Gmail, Yahoo) recognizes the "List-Unsubscribe-Post" header and presents the unsubscribe link to the recipient in a clear and prominent way.

Even with the one-click unsubscribe requirement, senders still have the option to return a landing page, but it can’t quite follow the familiar process of a preference page. Senders can return landing pages using a HTTPS URI that contains the necessary information to identify the recipient and list they wish to unsubscribe from, completing the unsubscribe request automatically with no further action required from the user.

Here’s an example of one-click unsubscribe process that returns a landing page:

A user unsubscribes via the one-click unsubscribe option. Then the user is directed to a page like a preference center. Through the redirect, the user is instantly unsubscribed with no further action needed. In this case the preference center serves as a confirmation page with an option to resubscribe if the action was unintended.

In other words, to be valid, one-click unsubscribe under RFC 8058 must include a HTTPS URI in the list unsubscribe header, but mailto is optional. What does this mean?

• HTTPS URI in the List-Unsubscribe header: This means that to be compliant with RFC 8058, the sent email must include at least one HTTPS URI in the List-Unsubscribe header. This URI is the unsubscribe link.

• Mailto: The Mailto URI is a way to create and send an email to the provided recipient, requesting an unsubscribe action be taken.

If your current list-unsubscribe link requires a secondary action within a preference center, you will need to adjust to remove all secondary click-action processes to be compliant with the requirement per the RFC. A preference center can still be linked elsewhere in the email, or on the unsubscribe confirmation page, to provide further subscription management options.

How long do senders have to implement one-click unsubscribe?

Other than how do I implement one-click unsubscribe (which we’ll walk you through next), the other most asked question from senders is how long do I have to implement one-click unsubscribe? June 1, 2024 looks to be the official date for Google but we recommend implementing RFC 8058 sooner rather than later since the requirements are being slowly rolled out between February and June when they become fully enforced.

What else do senders need to know about the one-click unsubscribe requirement?

Senders will have 48 hours to honor unsubscribe requests to meet the requirement. This is true for both Gmail and Yahoo. Once you have implemented RFC 8058, the process is this:

• The user clicks on the unsubscribe link via the mailbox providers UI.

• The ISP completes the unsubscribe process.

• The sender is responsible for processing the unsubscribe data to update their email list within 48 hours.

One-click unsubscribe is only required for promotional and commercial messaging, not for transactional messaging. This means that all your triggered password reset emails, shipping confirmations, reminders, etc. are not held to this requirement. We bet you’re thinking, but how do Gmail and Yahoo know which messages are transactional and which are promotional?

Recipient behavior plays a major role in how emails are positioned in the inbox, whether they go to spam and how future emails from a sender are treated. While we may never know the inner workings of mailbox giants like Gmail and Yahoo, there are best practices that are proven to help.

At Sinch Mailgun, we recommend that you separate the reputations between your promotional and transactional messaging by using different subdomains. So transactional messages may come from receipts.domain.com while promotional come from marketing.domain.com.

What do senders need to do to enable one-click unsubscribe if they are self-managing?

If you manage your own email program, or even just your unsubscribes, you will have to manually implement a one-click unsubscribe process.

1. Senders must include one List-Unsubscribe header field and one List-Unsubscribe-Post header field in their message.

2. The List-Unsubscribe header field must contain one HTTPS URI.

3. The List-Unsubscribe-Post header must contain the value “List-Unsubscribe=One-Click”.

4. The message must have a valid DKIM signature to cover the List-Unsubscribe, and List-Unsubscribe-Post headers.

5. The URI must include sufficient information to identify the mail recipient and the list from which they are to be removed.

6. The post request must not include cookies, HTTP auth, or any other identifying data that might link the unsubscribe action to any previous web activity.

For a full breakdown of the technical and data requirements of RFC 8058, view this tool from ietf.org.

What do Sinch Mailgun senders need to do to enable one-click unsubscribe?

For Sinch Mailgun users, we automatically insert the necessary headers.

Sinch Mailgun offers automated unsubscribe handling in which we insert one-click unsubscribe links into the footer of your emails that automatically process the unsubscribe requests of any recipients who choose to unsubscribe from your mailings.

Two email headers are key to facilitating one-click unsubscribes:

• List-Unsubscribe

• List-Unsubscribe-Post

To use Mailgun’s unsubscribe handling, you can enable it in Mailgun's Control Panel at the Domain-level, which adds the unsubscribe footer to all emails that are sent through that domain. You can also enable with Sinch Mailgun's APIs at the Email-level, which adds the unsubscribe footer selectively per email that is sent through that domain.

How RFC 8058 benefits both email senders and recipients

The convenience of one-click unsubscribe mechanisms like RFC 8058 benefits both email recipients and senders by promoting streamlined, user-friendly experiences that enhance email engagement and compliance with unsubscribe requests.

For senders

By offering a true one-click unsubscribe option, senders can improve their sender reputation, reduce spam complaints, and potentially improve deliverability.

For recipients

Unsubscribing becomes a hassle-free experience, reducing frustration and improving overall email satisfaction while making the unsubscribe process as simple as the process to send an email to spam.

The Future of Unsubscribes

While RFC 8058 is not universally mandatory, it is becoming increasingly adopted by major email providers like Gmail and Yahoo, and marketing automation platforms. Some email clients, like Gmail, even visually distinguish RFC 8058-compliant unsubscribe links for better user awareness.

RFC 8058 represents a significant step forward in simplifying the unsubscribe process for email. As more senders adopt this standard, email communication can become more respectful of recipients' time and preferences, fostering a more positive overall email experience.

Need help understanding sender requirements? Check out our resource page which provides resources for each of the requirements, and check out our on-demand fireside chat with Gmail and Yahoo to hear the answers straight from these mailbox providers.