List-Unsubscribe Header Generator

Build the List-Unsubscribe and one-click List-Unsubscribe-Post (RFC 8058) headers that satisfy Gmail and Yahoo's bulk-sender rules. Free, with no signup.

Build the List-Unsubscribe and one-click List-Unsubscribe-Post headers that let Gmail, Yahoo and Apple Mail show a built-in unsubscribe button next to your sender name. Everything is generated in your browser — nothing is sent anywhere.

Unsubscribe URL (HTTPS)

Unsubscribe mailto address (optional)

Generate a compliant List-Unsubscribe header for Gmail and Yahoo's bulk-sender rules in seconds. Free, and built entirely in your browser.

How it works

1

Add your unsubscribe URL

Paste the https:// endpoint that unsubscribes a recipient.

2

Add a mailto (optional)

Include a mailto unsubscribe address for older clients.

3

Enable one-click

Keep RFC 8058 one-click on for Google and Yahoo compliance.

4

Copy the headers

Paste them into your ESP or SMTP message headers.

What is the List-Unsubscribe header?

The List-Unsubscribe header (RFC 2369) is a message header that tells the recipient's mailbox provider how to unsubscribe. Its value is one or two entries in angle brackets — an https URL, a mailto address, or both — separated by a comma, for example <mailto:unsubscribe@example.com>, <https://example.com/unsub?id=123>.

When it's present and the message authenticates, Gmail, Yahoo, Outlook and Apple Mail render a native unsubscribe button by the sender name. That gives recipients a trusted way to opt out and keeps them from hitting the spam button — which is what actually damages your sending reputation.

One-click unsubscribe (RFC 8058) and the 2024 Google & Yahoo rules

One-click unsubscribe adds a second header, List-Unsubscribe-Post: List-Unsubscribe=One-Click (RFC 8058), alongside an https URL. The mailbox provider then unsubscribes the recipient with a single HTTP POST to your endpoint — no landing page or extra click. A mailto value alone can't be one-click, so the https method is required for it.

Since February 2024, Google and Yahoo require bulk senders (about 5,000+ messages a day to their users) to support one-click List-Unsubscribe and to honour opt-outs within two days, alongside SPF, DKIM, DMARC and a spam-complaint rate under 0.3%. Meeting these rules is now a baseline for landing in the inbox rather than the spam folder.

How to add these headers

Most email service providers add compliant List-Unsubscribe and List-Unsubscribe-Post headers automatically when you send a marketing campaign — you usually just confirm the feature is on. If you send through raw SMTP or a transactional API, you add the two header lines yourself and stand up an endpoint that accepts the POST and unsubscribes the recipient.

Use the generator above to build the exact header lines from your unsubscribe URL and mailto address, then copy them into your ESP settings or your message headers. Whichever route you take, keep a visible unsubscribe link in the body as well — the headers complement it, they don't replace it.

How to implement the one-click unsubscribe POST endpoint

When a recipient clicks the unsubscribe button, Gmail or Yahoo sends an HTTP POST to the https URL in your List-Unsubscribe header — Content-Type application/x-www-form-urlencoded, body List-Unsubscribe=One-Click (RFC 8058). It is a server-to-server request from the mailbox provider, so the recipient is never redirected to your site and never sees a page. Your endpoint has to recognise that body, unsubscribe the recipient, and return a 2xx status. Do the heavy work asynchronously if you need to, but acknowledge quickly and make the handler idempotent, because the same POST can arrive more than once.

The POST body is a fixed string with no recipient in it, so the recipient has to be encoded in the URL itself. Give every message a unique link like https://example.com/unsub?id=8f3c9a and look the subscriber up from that token. Use a random or HMAC-signed token rather than the raw email address: the URL is visible in the headers, and a guessable one lets anyone unsubscribe your recipients or harvest addresses. The endpoint must not require a login, cookie, JavaScript or confirmation step.

In practice the same URL usually handles two things: a GET, when a person clicks the unsubscribe link in the message body, which can show a normal confirmation page; and a POST, the one-click request, which must unsubscribe immediately with no further interaction. Keep the two paths separate in your handler so the one-click POST never depends on the confirmation UI.

How to test your List-Unsubscribe header in Gmail

Send a test message to a Gmail address, open it, and use the three-dot menu then Show original. In the raw message, confirm that both List-Unsubscribe and List-Unsubscribe-Post: List-Unsubscribe=One-Click are present and that SPF, DKIM and DMARC all show PASS — Gmail suppresses the unsubscribe control when authentication fails. You can also paste the raw text into Emailchaser's free email header analyzer to read the headers and auth results without hunting through the source.

When everything is valid, Gmail shows an Unsubscribe link next to the sender name at the top of the message. Don't panic if it doesn't appear on the first send from a brand-new domain: Gmail surfaces the control more reliably once a sender has some reputation and volume, even when the header itself is perfect. The header is still doing its job — provider unsubscribe buttons and the two-day rule work off it regardless of whether the top-of-message link renders for you.

To check the POST handler without waiting on Gmail, simulate the provider's request from a terminal: curl -X POST -d 'List-Unsubscribe=One-Click' 'https://example.com/unsub?id=123'. You should get a 2xx response and see that recipient marked unsubscribed. If curl works but Gmail's button doesn't, the problem is almost always authentication or reputation, not your endpoint.

mailto vs HTTPS unsubscribe: when to use each

A mailto value unsubscribes by emailing an address you monitor, such as <mailto:unsubscribe@example.com>. It works in essentially every client, and Apple Mail uses it to power its own one-tap Unsubscribe, but it can never be one-click in the RFC 8058 sense because it can't carry the List-Unsubscribe-Post header. Choosing mailto also means building automation that reads that inbox and removes the recipient within two days, and keeping the mailbox itself deliverable.

An https value plus List-Unsubscribe-Post is the only combination that satisfies Google and Yahoo one-click. You don't have to choose, though — list both and let each provider pick the method it supports, for example List-Unsubscribe: <mailto:unsubscribe@example.com>, <https://example.com/unsub?id=123>. Gmail and Yahoo take the https one-click path, while older or niche clients fall back to the mailto. If you only implement one, make it https so you stay compliant with the bulk-sender rules.

The full Google and Yahoo bulk-sender checklist

One-click unsubscribe is one line on a longer checklist that applies once you send around 5,000 messages a day to Gmail or Yahoo personal accounts (counted per From-header domain — cross it once and you're treated as a bulk sender). Alongside the one-click List-Unsubscribe and a visible in-body unsubscribe link, both providers require you to authenticate with SPF and DKIM, publish a DMARC record, and align the From domain with SPF or DKIM so DMARC passes. You also can't send bulk mail from an @gmail.com From address.

The rest is infrastructure and hygiene: valid forward and reverse DNS (PTR) on your sending IPs, TLS on the connection, RFC 5322-formatted messages, and a spam-complaint rate kept under 0.3% in Google Postmaster Tools (aim below 0.1%). If any of that is missing, the unsubscribe header alone won't keep you in the inbox — Emailchaser's free SPF, DKIM and DMARC generators fix the authentication side, and the deliverability test checks the whole set in one pass.

Common questions about the List-Unsubscribe header

What is the List-Unsubscribe header?


List-Unsubscribe is an email header, defined in RFC 2369, that tells the receiving mailbox provider how a recipient can unsubscribe. Its value holds an https URL and/or a mailto address in angle brackets. When it's present, clients like Gmail, Yahoo and Apple Mail show a built-in unsubscribe button next to the sender name, instead of relying only on the link in the body.

What is List-Unsubscribe-Post and one-click unsubscribe?


List-Unsubscribe-Post is a second header, defined in RFC 8058, with the fixed value List-Unsubscribe=One-Click. Paired with an https URL in List-Unsubscribe, it lets the mailbox provider unsubscribe the recipient by sending a single HTTP POST to your endpoint — no landing page, extra click or login. That is what mailbox providers mean by one-click unsubscribe.

Do I need the List-Unsubscribe header?


If you send bulk email you effectively do. Since February 2024, Google and Yahoo require bulk senders (roughly 5,000+ messages a day to their users) to include a one-click List-Unsubscribe header and to process unsubscribe requests within two days. Even below that threshold it's a strong deliverability signal, so it's good practice for any marketing or cold email program.

What's the difference between the mailto and https methods?


A mailto value unsubscribes the recipient by sending an email to your unsubscribe address, and it works in every client but can't be one-click. An https value points to a web endpoint and, combined with List-Unsubscribe-Post, supports true one-click unsubscribe. You can list both — providers pick the method they support. For Google and Yahoo compliance you need the https + one-click combination.

Why isn't the unsubscribe link showing in Gmail?


Gmail only shows the built-in unsubscribe control when the header is well-formed and the message passes authentication. Check that the address is angle-bracketed, that SPF, DKIM and DMARC align and pass, and that for one-click you send both List-Unsubscribe and List-Unsubscribe-Post. Gmail also tends to surface the button more consistently for senders with an established reputation.

Does this replace the unsubscribe link in my email body?


No. Google and Yahoo still require a clearly visible unsubscribe link inside the message body. The List-Unsubscribe headers are added in addition to that link, not instead of it — you need both.

Do I need both List-Unsubscribe and List-Unsubscribe-Post?


For Google and Yahoo one-click compliance, yes. List-Unsubscribe carries the https URL, and List-Unsubscribe-Post: List-Unsubscribe=One-Click is what tells the provider it can unsubscribe with a single POST. A List-Unsubscribe header on its own — or one that only lists a mailto address — is valid but is not one-click, so it does not meet the bulk-sender requirement.

What HTTP request does one-click unsubscribe send to my server?


An HTTP POST to the https URL in your List-Unsubscribe header, with Content-Type application/x-www-form-urlencoded and the body List-Unsubscribe=One-Click (RFC 8058). It comes from the mailbox provider's servers, not the recipient's browser, so there is no page load or redirect — your endpoint just has to accept the POST, unsubscribe the recipient, and return a 2xx status.

How quickly do I have to honour an unsubscribe?


Google and Yahoo require bulk senders to process opt-outs within two days, whether they arrive through the one-click header or the link in the message body. Processing means stopping further marketing mail to that recipient on that stream — you do not have to delete their record, just suppress them. Building in same-day suppression is safer than waiting the full 48 hours.

Does Apple Mail support the List-Unsubscribe header?


Yes. Apple Mail shows an Unsubscribe prompt at the top of a message when a valid List-Unsubscribe header is present, and it has long used the mailto method — sending the unsubscribe email on the recipient's behalf — rather than the https one-click POST. Listing both a mailto and an https value covers Apple Mail as well as Gmail and Yahoo.

Should I put the recipient's email address in the unsubscribe URL?


It is safer to use an opaque, unguessable token (random or HMAC-signed) that maps to the subscriber on your side. The unsubscribe URL is visible in the raw headers, so a link built from the plain email address — or a sequential id — lets anyone unsubscribe your recipients or scrape addresses. The one-click POST body never contains the recipient, so whatever identifier you need has to live in that URL.

Ready to 10x your pipeline?

Send your first cold email campaign today, risk-free.

Try for free