How to check if Sendlane complies with RFC 8058 for one-click unsubscribe?

Key findings

• Header vs. Body Link: RFC 8058 requires a List-Unsubscribe-Post header that facilitates a direct, one-click unsubscribe without needing to visit a landing page.
• ESP Explanation Discrepancy: A Sendlane support response describing a web page unsubscribe flow indicates a misunderstanding or misrepresentation of RFC 8058, which mandates an automated POST request upon clicking.
• Testing Challenges: Some ESPs may suppress emails sent to testing tools like aboutmy.email, complicating direct verification.
• Manual Verification: Checking email headers for the presence of List-Unsubscribe-Post and List-Unsubscribe (with HTTPS link) is essential.
• DKIM Inclusion: Both unsubscribe headers should be included in the DKIM-Signature header for proper authentication and compliance.

Key considerations

• ESP Knowledge Gaps: Support representatives may lack specific deliverability knowledge regarding complex standards like RFC 8058. Escalation to a deliverability specialist within the ESP is often necessary.
• Unsubscribe Functionality: A compliant one-click unsubscribe helps to reduce spam complaints, improve email sender reputation, and ensures compliance with new regulations from major inbox providers like Gmail and Yahoo. Learn more about one-click unsubscribe requirements.
• Postmaster Tool Reporting: If Google Postmaster Tools flags non-compliance, it is a strong indicator of an issue, even if the ESP claims otherwise or if manual tests are difficult.
• Troubleshooting Headers: Manually reviewing the email headers for the List-Unsubscribe and List-Unsubscribe-Post fields is the most reliable way to verify compliance. This process can help you verify List-Unsubscribe header configuration.

Key opinions

• Difficulty in Verification: Marketers find it hard to confirm RFC 8058 compliance when testing emails to tools like aboutmy.email aren't being delivered.
• Surprise at Non-Compliance: There's widespread surprise if a large ESP like Sendlane hasn't implemented RFC 8058, especially since their former leadership was vocal about such changes.
• Potential Misflagging: It's suggested that Google Postmaster Tools might sometimes misflag compliance if the email is incorrectly classified, for example, as a transactional email not requiring one-click unsubscribe.
• Subdomain Dedication: Marketers who dedicate specific subdomains for their ESPs expect those platforms to handle compliance seamlessly for bulk sends.

Key considerations

• Testing Tool Reliability: Consider that ESPs might intentionally block or suppress certain test addresses, affecting the reliability of external validation tools. For testing one-click unsubscribe functionality, you can use email marketing testing methods.
• Direct ESP Communication: When an ESP's support response seems incorrect, escalate the issue to a higher level or a specialized deliverability team. This approach is key to understanding unsubscribe requirements for email headers.
• Silent Blocking: An ESP might implement rate limits or silent blocking on unsubscribe endpoints to prevent abuse, which could inadvertently affect compliance checks.
• Industry Standard Knowledge: Marketers should be familiar with the core principles of RFC 8058 to identify incorrect compliance explanations from their ESPs, especially concerning one-click unsubscribe implementation.

Key opinions

• Support Understanding: Experts believe that ESP support representatives may lack the specific deliverability knowledge to correctly explain RFC 8058 compliance, making escalation necessary.
• Header Requirements: True compliance requires both the List-Unsubscribe and List-Unsubscribe-Post headers to be present and correctly configured.
• DKIM Inclusion: For correct implementation, both unsubscribe headers should be included within the DKIM-Signature header, which is a common oversight.
• Manual Troubleshooting: Inspecting full email headers manually is recommended to confirm correct implementation when automated tools fail.
• Suppression Lists: Some ESPs actively add testing services like aboutmy.email to their suppression lists, preventing test emails from reaching them.

Key considerations

• Escalation Path: If an ESP's initial response about RFC 8058 compliance is confusing or incorrect, it's crucial to escalate the issue within their support structure to reach a deliverability expert.
• Header Inspection: Always verify compliance by examining the raw email headers for the presence and correct format of the List-Unsubscribe-Post and List-Unsubscribe headers. This is critical for Yahoo and Gmail unsubscribe requirements.
• Endpoint Verification: Beyond header presence, the POST endpoint specified in List-Unsubscribe-Post must function correctly and initiate an immediate unsubscribe upon a POST request.
• Staying Updated: Keep abreast of the latest deliverability requirements from major mailbox providers. RFC 8058 has been a standard for some time, and adherence is now strictly enforced, as detailed by Postmastery.

Key findings

• RFC 8058 Definition: The standard specifies a method for signaling a one-click function for the List-Unsubscribe email header field, explicitly detailing how a POST request should be used.
• Automated Unsubscribe: RFC 8058 defines a true one-click unsubscribe as an HTTPS URI POST that triggers an unsubscribe within 48 hours without additional user interaction.
• Mandatory Header Inclusion: New requirements from major mailbox providers necessitate the inclusion of the List-Unsubscribe-Post header for bulk senders.
• Compliance Deadlines: Google explicitly set a deadline for requiring RFC 8058 one-click list-unsubscribe support in headers, with non-compliance leading to emails not being delivered.

Key considerations

• Technical Implementation: Implementing RFC 8058 requires a technical understanding of email headers and server-side handling of POST requests, not just placing a link in the email body.
• Header Integrity: Ensure that the relevant unsubscribe headers are properly signed by DKIM to prevent tampering and ensure their authenticity. You can learn more about email authentication standards.
• Avoiding Bot Clicks: RFC 8058 is designed to allow mailbox providers to offer one-click unsubscribe without triggering accidental unsubscribes from bots. Proper implementation protects senders from bot clicks and ensuring compliance.
• Unified Approach: While RFC 8058 focuses on the header, maintaining a clear unsubscribe link in the email footer is still a best practice for user experience and CAN-SPAM compliance, ensuring a harmonized unsubscribe mechanism.