SSL for Click Tracking and List Unsubscribe Headers

In 2023, Gmail and Yahoo announced requirements for senders to include list-unsubscribe headers in mail sent to their users. In response, Twilio SendGrid ensured that users using our Subscription Tracking feature would have these headers automatically included. 

SendGrid inserts a link into the list-unsubscribe header using the customer’s Link Branding domain. For example, if link branding is set up for test.example.com, the list-unsubscribe URL included in the list-unsubscribe header would utilize a domain of test.example.com.

 

How might this impact me? 

Many Twilio SendGrid customers utilize our SSL for Click Tracking feature. SSL for Click Tracking allows users to ensure that https links can be sent and used in conjunction with Click Tracking

When SSL for Click Tracking is enabled, all links included in the email will utilize https and the domain set up under Link Branding. When the Link Branding domain is set up for SSL Click Tracking, the recipient of that link is first directed to the CDN where the SSL certificate is housed. That CDN then redirects the traffic through to SendGrid after serving that certificate. This means that when using SSL for Click Tracking, the attempt to utilize the list-unsubscribe POST header will first be routed through the CDN before reaching SendGrid. 

The URIs populated in List-Unsubscribe headers are intended for use by backend or automated systems, which may require a POST request, whereas the URIs populated in the body of the message are intended for use in browser--initiated by a human--which is done via GET requests.

 

How do I ensure that all List-Unsubscribes are processed through the CDN and SendGrid?

To ensure that the CDN redirects those POST requests to Twilio SendGrid so that the unsubscribe can be processed, your CDN must first allow POST requests. Secondly, the CDN must allow POST requests from non-browser user agents. 

We have seen instances where unsubscribes are not redirected to Twilio SendGrid when the POST requests are unable to be redirected. Additionally, we’ve seen a lack of redirects when the POST request does not come directly from a browser. 

To ensure that all list-unsubscribe requests are processed by Twilio SendGrid, you will want to ensure that your CDN is allowing both POST requests and POST requests from user-agents that are not browsers.

Please reach out to our Support Team with any questions.

Have more questions? Submit a request