Does the order of mailto and https in List-Unsub header matter?
Matthew Whittaker
Co-founder & CTO, Suped
Published 19 May 2025
Updated 18 Aug 2025
7 min read
The List-Unsubscribe header is a crucial component for modern email marketing and deliverability. It provides recipients with an easy, often one-click, way to opt out of unwanted emails directly from their email client interface. This enhances user experience and significantly impacts your sender reputation, preventing complaints and spam reports.
With the latest email sender requirements from providers like Google and Yahoo, the importance of the List-Unsubscribe-Post header and its HTTP/HTTPS URL has grown. These changes aim to standardize and simplify the unsubscribe process, making it easier for users to manage their inboxes and for senders to maintain good standing. Proper implementation is now more critical than ever to ensure your emails reach the inbox.
A common question arises regarding the structure of the List-Unsubscribe header, especially when both mailto and https URLs are included. Does the order of these links within the header impact how email clients process them, or influence unsubscribe behavior? This guide will clarify the technical specifications and practical implications of the order of these values.
RFC specifications and client behavior
The List-Unsubscribe header can contain one or more URLs, typically a mailto address and an https URL. The mailto link triggers an email client to send an unsubscribe request via email, while the https URL directs the user to a webpage or triggers a one-click unsubscribe action. For more on these mechanisms, see our guide on how List-Unsubscribe headers function.
RFC 2369, the original specification for the List-Unsubscribe header, did not specify a particular order or preference between multiple URLs. However, RFC 8058, which introduced one-click unsubscribe via HTTP POST requests, mandates the presence of an https URL for one-click functionality. It does not, however, impose any requirement on the order of mailto versus https links when both are present. You can review the specifics of what RFCs say versus what works in practice.
Despite no explicit order in the RFCs, email clients (Mail User Agents or MUAs) generally prioritize the https URL for one-click unsubscribe functionality, especially Gmail and Yahoo. This is because https URLs allow for immediate, silent unsubscription without requiring the user to send an email or visit a landing page. This improves the user experience significantly. So, while the order might not break anything, the client's preference for https is what truly matters.
It's worth noting that if you include multiple https URLs or multiple mailto URLs in a single header, behavior can become MUA-specific. While technically allowed by some older RFCs, this practice is not recommended as it can lead to inconsistent or unpredictable unsubscribe experiences for your recipients. Simplicity and adherence to modern standards are key to successful email deliverability. Read more on how email clients use List-Unsubscribe.
Deliverability and reputation implications
From a deliverability perspective, providing a reliable and simple unsubscribe method is paramount. Email service providers (ESPs) and mailbox providers (MBPs) actively monitor complaint rates and unsubscribe rates. A high rate of complaints can lead to your emails being flagged as spam, ending up on a blacklist (or blocklist), or even a complete block of your sending domain or IP. By offering a prominent List-Unsubscribe header, you empower users to opt out gracefully, thus preserving your sender reputation. This is especially true for marketing emails where recipients are more likely to seek an easy unsubscribe option. You can learn more about what being blacklisted means.
The one-click unsubscribe mechanism, typically triggered by the https URL, is highly favored by major providers like Google and Yahoo. Their recent sender requirements emphasize the need for this mechanism. While including a mailto link doesn't hurt, it is the https URL that facilitates true one-click functionality and meets compliance standards. Learn more about the requirements for List-Unsubscribe headers to comply with Yahoo and Gmail.
The primary goal should be to implement a List-Unsubscribe header that is correctly formatted and includes an https URL for one-click unsubscribe. While the order of mailto and https links does not technically matter according to RFCs, it is generally good practice to place the https URL first. This subtly indicates its primary role as the preferred method for modern email clients. However, the functionality will remain the same regardless of the order, as clients prioritize based on their internal logic and the RFC 8058 standard. This standard means that for mass senders, an one-click unsubscribe header is a requirement.
Mailto links
Functionality: Generates an email from the user's client to the specified address. Requires manual action from the user to send the email.
Compliance: Part of older RFCs and still supported by many clients, but less preferred by major mailbox providers for one-click. Mailto links are not compliant with the Google and Yahoo one-click requirements.
User experience: Can be clunky for users, as it opens a new email draft and requires an additional step.
HTTPS links
Functionality: Triggers a silent HTTP POST request to the specified URL. Automates the unsubscribe process for a true one-click experience.
Compliance: Mandatory for one-click unsubscribe as per RFC 8058 and the latest Google and Yahoo sender requirements. Google requires List-Unsubscribe for one-click.
User experience: Seamless and instant, providing the best user experience and reducing complaint rates.
Maintaining a healthy email program requires vigilance over your email deliverability metrics. This includes regularly checking your sender reputation, monitoring for blocklist (or blacklist) placements, and ensuring all your email authentication standards are met. The List-Unsubscribe header is a critical part of this ecosystem, as it directly influences how mailbox providers perceive your sending practices. A well-configured header contributes positively to your overall email deliverability. If you're encountering issues, consider using an email deliverability tester.
Best practices
While the order of mailto and https links in your List-Unsubscribe header doesn't technically matter according to RFCs, practical considerations and evolving email client preferences suggest a clear best practice. Prioritizing the https URL for one-click unsubscribe is essential for meeting modern compliance standards and ensuring optimal deliverability. You can verify your List-Unsubscribe headers are configured correctly.
Best practices for List-Unsubscribe headers
Include both: Always provide both a mailto link and an https URL in your List-Unsubscribe header for maximum compatibility.
Prioritize HTTPS: Place the HTTPS URL first in the header. While not required by RFC, it aligns with client preferences.
Ensure validity: Verify that both your mailto address and HTTPS URL are functional and lead to a successful unsubscribe.
By following these best practices, you can ensure your unsubscribe process is seamless, compliant, and contributes positively to your email deliverability and sender reputation. This proactive approach helps avoid blacklists (or blocklists) and ensures your messages reach your audience effectively.
Views from the trenches
Best practices
Always include both the mailto and HTTPS List-Unsubscribe links.
Prioritize the HTTPS URL by placing it first, aligning with modern email client preferences.
Ensure your unsubscribe process is immediate and fully automated via the HTTPS link.
Common pitfalls
Relying solely on the mailto link for unsubscribes, as it is no longer sufficient for compliance.
Having multiple List-Unsubscribe headers or multiple URLs of the same type in one header.
Failing to implement a functional one-click unsubscribe mechanism through the HTTPS URL.
Expert tips
Consider a preference center that also includes a clear one-click unsubscribe option.
Test your List-Unsubscribe headers regularly across different email clients to ensure consistent behavior.
For transactional emails, a List-Unsubscribe header is often not necessary and can sometimes be detrimental.
Expert view
Expert from Email Geeks says: RFC 8058 does not specify a required order for mailto and HTTPS URLs within the List-Unsubscribe header.
Jan 11, 2024 - Email Geeks
Expert view
Expert from Email Geeks says: Email clients supporting RFC 8058 will prioritize the HTTPS one-click unsubscribe URL over a mailto link, irrespective of their placement.
Jan 11, 2024 - Email Geeks
Final thoughts on List-Unsubscribe order
The technical answer to whether the order of mailto and https in the List-Unsubscribe header matters is that, according to RFC 8058, it does not. The primary requirement is the presence of an https URL to enable one-click unsubscribe functionality, which is the preferred method for major mailbox providers like Google and Yahoo.
While placing the https URL first can be seen as a minor best practice for clarity, it won't impact functionality. Focus your efforts on ensuring your List-Unsubscribe header is correctly implemented with an https endpoint to provide a seamless unsubscribe experience and maintain good sender reputation. This proactive approach helps keep your emails out of the spam folder and off a blacklist (or blocklist).
Google and 
Yahoo. Their recent sender requirements emphasize the need for this mechanism. While including a mailto link doesn't hurt, it is the https URL that facilitates true one-click functionality and meets compliance standards. Learn more about the requirements for List-Unsubscribe headers to comply with Yahoo and Gmail.
