Community Home
Resources
Events & Webinars
Learn
Groups
Product Ideas
Followers Are Great, Contacts Are Gold. Create a Free AI-Quiz With Lead Magnet to Share With Your Followers and Own Your Contacts!
Get Started

One click unsubscribe not viable for my use case

Ivanb09
Rookie
‎03-06-2025 12:00 PM
0 Votes
‎03-06-2025 12:00 PM

Regardless of what google and yahoo say, I need to be able to verify that when user@domain wants to unsubscribe they MUST verify their account ownership first.

 

Simply embedding a long per-person (email address) token in CLEAR text in an email is liable to interception?

 

If any bad actor has the email they can simply curl the URL for the unsubscribe and that person will be unsubscribed.

 

Does your platform offer "validated owner account unsubscribe" i.e. password or 2FA protected?

 

Thanks

 

PS part of my organisation is a customer and I specialize in security.

 

 

Labels:
1 REPLY 1
William_A
Administrator
Administrator
‎03-06-2025 12:19 PM
0 Votes
‎03-06-2025 12:19 PM

Hello @Ivanb09 ,

 

No, since we're an external email service provider, any emails coming from our system would not be affected by the internal mechanisms for specific email programs. Therefore, it would not be possible to "vet" contacts' unsubscriptions via two-factor or password entry for one-click unsubscribe, as contacts do not have their own MFA and passwords for your particular Constant Contact (or any ESP for that matter) account.

 

One-click unsubscribe is a requirement we must comply with in order to still operate globally, as well as have emails accepted by the largest and most popular email programs. Unsubscription in general has to be as deliberately clear and unburdened of a process as possible, in order to comply with industry standards and anti-spam laws. At this time, the current one-click unsubscribe process cannot be changed or removed. There are currently no plans to change this, unless there are significant changes to anti-spam laws and industry standards.

 

Contacts unsubscribing via the links provided in Compliance blocks / footers are still redirected to a confirmation page. On this page, they can pick-and-choose other lists you've made available as an alternative to wholly unsubscribing, or make the final confirmation of the email address they're unsubscribing for. If they change the email address that auto-populates from clicking the coded unsub link, they will see an error message. There are currently no plans to change this, unless there are significant changes to anti-spam laws and industry standards.

 

See also:

Understanding unsubscribed contacts

Manually resubscribe a contact

Update your email and sign-up form footer settings

Constant Contact's email permission policy


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
William A
Community & Social Media Support
  • Avatar

    Featured Article

    Why Picking the Right Fonts for Your Emails Matters

    When it comes to email marketing, design plays a huge role in grabbing attention and keeping your readers engaged.

    See Article
  • Avatar

    Featured Thread

    The Unintentional Humor of Spam Emails

    Have you ever wondered who or what is on the other side of a spam email? Take 10 minutes out of your day and watch this lighthearted video!

    View thread
  • Avatar

    Featured Thread

    How to Create Images of Multi-Page PDFs

    Discover the process of transforming PDFs with multiple pages into image files directly on Constant Contact.

    See Article
Updates
Just Getting Started?

We’re here to help you grow. With how-to tutorials, courses, getting-started guides, videos and step-by-step instructions to start and succeed with Constant Contact.

Start Here

73% of SMBs express doubt that their marketing strategy is effective. Does this sound familiar? Read our Small Business Now Report to learn how you can tweak your strategy to see better results.

Go read our article
Upcoming Webinars
MAR 27
Revamp Your Email Marketing Using Metrics and Reporting
2PM - 3PM EST
Register now