I'd like to customize the "unsubscribe" links in our email newsletters so that they remove the recipient with a single click. Right now they just point to a generic page where the user has to enter their email address and select the newsletter from which they'd like to unsubscribe.
It seems like this should be pretty straightforward, i.e. just include the email address and newsletter id as url parameters. But when I looked at examples from the lists I subscribe to, many don't include a recognizable address and most appear to be using what looks like guids and/or hashed values in the parameters. From that, I'm guessing that I should be hashing or otherwise encoding some information to prevent malicious abuse of the unsubscribe form.
So my question is really about best practices and not reinventing the wheel. Is there a standard way to handle this sort of functionality? More specifically, are there reasons not to include the recipient's email address as part of the url? This seems just simple enough that it feels like I'm overlooking something.
Click the Email tab. Select the Include unsubscribe link checkbox. To choose which phrase you want appear for your unsubscribe link, click Edit link text, then in the dialog box, select the radio button next to the link text that you want. Click Save.
Create a web page dedicated to unsubscribe requests. Both http: and https: are acceptable. For example, http://www.example.com/unsubscribe.html. Provide the unsubscribe URL to your email administrator or ESP, and ask them to insert it into the email header.
You can encode a URL like so:
http://yourserver.com/unsubscribe/<encoded-email>/<expiration>/<signature>
Where <signature>
is something like HMAC(secretkey, "<encoded-email>/<expiration>")
. Encoded-email can just be a URL-encoding of the email, or it can be an actually encrypted (AES+CBC+Base64 or similar) version of the email. Using full encryption would seem to be of little use though - since the person receiving this has their own email address anyway.
This signature scheme has the advantage of not needing any database storage, while remaining secure against malicious attempts to unsubscribe someone.
Alternately (or in addition to the above), you can send a confirmation mail out to confirm the user's intent. This avoids problems if the user forwards the email.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With