Suped

Is using the same URL for both List-Unsubscribe header and body compliant with RFC 8058 for one-click unsubscribe?

Summary

Experts, email marketers, and documentation sources generally agree that using the same URL for both the List-Unsubscribe header and the email body's unsubscribe link is compliant with RFC 8058, as long as the server correctly differentiates between GET and POST requests. The List-Unsubscribe header with a POST request must trigger a silent one-click unsubscribe, while the body link with a GET request should lead to a confirmation page. Tools like aboutmy.email can provide an initial assessment of compliance. Testing the implementation is crucial, and providers like Google and Microsoft require correct handling of POST requests for their one-click unsubscribe features.

Key findings

  • RFC 8058 Compliance: Using the same URL is compliant if GET and POST requests are handled correctly.
  • POST Request: The List-Unsubscribe header requires a POST request for silent one-click unsubscribe.
  • GET Request: The body link should use a GET request and lead to an unsubscribe confirmation page (or preference center).
  • Gmail's POST: Gmail's unsubscribe option triggers a POST request directly, bypassing a confirmation page.
  • Testing: Thorough testing is essential, including server-side verification.
  • Compliance Check: Tools like aboutmy.email can give an indication of compliance.
  • Bulk Sender Requirements: Google and Microsoft mandate the inclusion of the List-Unsubscribe header and expect the POST method to be handled appropriately for immediate unsubscription.

Key considerations

  • Request Type Handling: Ensure your server correctly differentiates and processes GET and POST requests to the unsubscribe URL.
  • User Experience (UX): While compliant, consider if using separate URLs might offer a better user experience.
  • HTTPS Compliance: Ensure the List-Unsubscribe URL is using HTTPS.

What email marketers say

8 marketer opinions

Multiple sources confirm that using the same URL for both the List-Unsubscribe header and the body link is compliant with RFC 8058 for one-click unsubscribe, provided that the server correctly differentiates between GET and POST requests. Specifically, POST requests to the header URL should trigger a silent unsubscribe, while GET requests to the body link should lead to an unsubscribe confirmation page. Some sources suggest that using different URLs might offer a better user experience.

Key opinions

  • RFC 8058 Compliance: Using the same URL is compliant with RFC 8058 as long as GET and POST requests are handled differently.
  • Silent Unsubscribe: POST requests to the List-Unsubscribe header URL must result in a silent unsubscribe.
  • Confirmation Page: GET requests to the unsubscribe link in the email body should direct to a confirmation page.
  • Improved Deliverability: Correct implementation of one-click unsubscribe improves email deliverability.

Key considerations

  • Request Handling: Ensure your server can differentiate and correctly handle GET and POST requests to the unsubscribe URL.
  • User Experience: Consider whether using different URLs for header and body links might improve the user experience.

Marketer view

Email marketer from EmailonAcid stated that the List-Unsubscribe header must have a way to unsubscribe a user with a single click. As long as it handles the requests as needed, it can be the same URL as the body link.

22 Sep 2024 - EmailonAcid

Marketer view

Email marketer from Mailjet explains that using the List-Unsubscribe header with a one-click unsubscribe option is crucial for compliance. They highlight the importance of handling POST requests correctly to ensure a seamless unsubscribe experience. They also mention that the URL used in the header can technically be the same as the one in the email body, as long as the server differentiates between GET and POST requests.

2 Feb 2022 - Mailjet

What the experts say

5 expert opinions

Experts indicate that using the same URL for both the List-Unsubscribe header and the email body is acceptable. The key is proper handling of the request type; the header requires a POST request that results in immediate unsubscription, while the body link should lead to a confirmation page. Testing the implementation, especially server-side, is crucial. Compliance can be initially gauged by tools like aboutmy.email. Gmail's unsubscribe feature bypasses the subscription center, directly POSTing to the server.

Key opinions

  • URL Reuse: It is acceptable to use the same URL for both the List-Unsubscribe header and the email body.
  • POST vs. GET: The server must differentiate between POST requests from the header (silent unsubscribe) and GET requests from the body (confirmation page).
  • Gmail Behavior: Gmail's unsubscribe option sends a POST request directly, bypassing the subscription center.
  • Testing Importance: Thorough testing of the unsubscribe functionality is essential.
  • Initial Compliance Check: Tools like aboutmy.email can provide an initial indication of compliance.

Key considerations

  • Server-Side Implementation: Ensure the server correctly handles POST requests for immediate unsubscription from the List-Unsubscribe header.
  • Testing Process: Implement a robust testing process, including command-line testing, to verify one-click unsubscribe functionality.
  • HTTPS: Ensure that the List-Unsubscribe URL is HTTPS.

Expert view

Expert from Email Geeks explains that using the same URL for both the List-Unsubscribe header and the body is normal. The header requires a List-Unsubscribe-Post header, and a POST request to the URL must perform the unsubscription. When clicked from the body, the URL must go to a webpage to unsubscribe.

1 Mar 2025 - Email Geeks

Expert view

Expert from Email Geeks advises personally testing the one-click unsubscribe functionality rather than trusting the server-side implementation.

24 Aug 2022 - Email Geeks

What the documentation says

4 technical articles

Documentation from RFC 8058, Google, Microsoft, and SparkPost collectively indicates that using the same URL in both the List-Unsubscribe header and the email body is permissible. RFC 8058 itself doesn't prohibit it, and Google and Microsoft emphasize the need for a one-click unsubscribe mechanism implemented through the List-Unsubscribe header, requiring correct handling of POST requests. SparkPost explicitly states the URLs can be the same, stressing the importance of differentiating between GET and POST requests on the server.

Key findings

  • RFC 8058 Allowance: RFC 8058 does not explicitly forbid using the same URL in the List-Unsubscribe header and the email body.
  • One-Click Mandate: Google and Microsoft require a one-click unsubscribe feature via the List-Unsubscribe header.
  • POST Request Handling: Correct handling of POST requests to the List-Unsubscribe header URL is crucial for compliance.
  • GET/POST Differentiation: The server must differentiate between GET requests (e.g., from the body link) and POST requests (from the header).

Key considerations

  • Server Configuration: Proper server configuration is essential to differentiate and correctly process GET and POST requests to the unsubscribe URL.
  • Bulk Sender Guidelines: Adhere to bulk sender guidelines from providers like Google and Microsoft to ensure deliverability and compliance.
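
The GET/POST differentiation described above, sketched as an added example (not code from any of the cited sources): one signed URL serves both the header and the body link, and only a POST carrying the RFC 8058 form field changes state. The host name, the query parameter names `r`, `l`, `t` and the signing key are assumptions made for illustration.

```python
import hashlib
import hmac
from urllib.parse import parse_qs, urlencode, urlsplit

SECRET = b"constructed-demo-secret"            # assumption: server-side signing key
BASE = "https://mail.example.com/unsubscribe"  # assumption: placeholder HTTPS endpoint

def _token(recipient, list_id):
    # Opaque, hard-to-forge identifier so the URL alone names recipient and list.
    msg = urlencode({"r": recipient, "l": list_id}).encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

def build_headers(recipient, list_id):
    """Headers for the outgoing message; the same URL also goes in the body link."""
    query = urlencode({"r": recipient, "l": list_id, "t": _token(recipient, list_id)})
    return {
        "List-Unsubscribe": f"<{BASE}?{query}>",
        "List-Unsubscribe-Post": "List-Unsubscribe=One-Click",
    }

def handle(method, url, body, store):
    """Return (status, action); `store` is a set standing in for the suppression list."""
    q = parse_qs(urlsplit(url).query)
    rcpt, lst, tok = (q.get(k, [""])[0] for k in ("r", "l", "t"))
    if not hmac.compare_digest(tok.encode(), _token(rcpt, lst).encode()):
        return 403, "rejected: bad token"
    if method == "GET":
        # Body link click, or a link scanner prefetching it: never change state here.
        return 200, "confirmation page"
    if method == "POST":
        form = parse_qs(body.decode("utf-8", "replace"))  # urlencoded bodies only
        if form.get("List-Unsubscribe") == ["One-Click"]:
            store.add((rcpt, lst))  # silent: no cookies, login or extra click needed
            return 200, "unsubscribed"
        return 400, "rejected: not a one-click POST"
    return 405, "rejected: method not allowed"
```

For the command-line test mentioned earlier, `curl -d 'List-Unsubscribe=One-Click' '<url>'` sends the same POST a mailbox provider would; a plain `curl '<url>'` should return the confirmation page and leave the subscription untouched.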

Technical article

Documentation from SparkPost explains that the URL in the List-Unsubscribe header can be the same. They do emphasize that if this is the case then the server must differentiate between GET and POST requests.

16 Dec 2022 - SparkPost

Technical article

Documentation from Microsoft details the requirements for bulk email senders, including the need for a one-click unsubscribe option. It mandates the inclusion of the List-Unsubscribe header, and while it doesn't explicitly prohibit the same URL, it expects the POST method to be handled appropriately for immediate unsubscription.

16 Apr 2023 - Microsoft
