Secure unsubscribe link

Dear Mautic Community,

currently, if for example a newsletter email is forwarded by one person, then the other person can click on the unsubscribe link and unsubscribe the actual subscriber. (Trackable URL)

That’s why we had the idea that when you click on the unsubscribe link in an email, you will be taken to a Mautic page where you will have to click on a button to request a confirmation mail / verification mail. When the user clicks on the button, a journey is started in which a token is generated and stored in a contact field. Then an email is sent to the user,
in this mail is a link to the same Mautic page, but with the generated token as query parameter. If you call the page with the token parameter, Mautic checks if the token matches the token field of the current user and shows the unsubscribe button if they match.

So it’s like a double opt-in process to access the unsubscribe page / preference center.

The problem is that we have no idea how to generate a random token inside the journey. Does anyone have an idea? Or in general another solution how to protect the unsubscribe link?

Thank you!

Your software
My Mautic version is: 3.3.2


Your best bet is a so called ‘double optout’ feature.

  1. The unsubscribe link brings you to a landing page in Mautic
  2. Show a form here, where people can enter their email.
  3. The form starts a (restartable) campaign, and sends a confirmation email.
  4. You make a decision in the campaign, checking if the unsubscribe link in the email was clicked by this person.
  • if yes, → unsubscribe
  • (wait 30 days) if no, leave the campaign

Good luck.

1 Like