top | item 44284315

(no title)

Ciunkos | 8 months ago

To stay CAN-SPAM compliant, the sender MUST NOT require anything else but an email and a single visit to a webpage. A confirmation page is OK but requiring an auth or any other information or steps is simply illegal.

As a rule of thumb, one-click List-Unsubscribe with List-Unsubscribe-Post headers and a plain opt-out page (with confirmation if you risk such security solutions clicking on them, applicable only in B2B as you say) for the unsubscribe link in the email body.

These links should ideally be personalized (i.e. encode recipient’s email/account ID) so the opt-out page would not even require users to put their emails.

And please keep List-Unsubscribe via mailto as well, some clients may not support HTTPS POST.

discuss

No comments yet.