The new 2024 email sending requirements for Google and Yahoo (collectively being called "Yahoogle", we guess that's their celebrity couple name) are causing a lot of concern among email senders, but they needn't. In fact, the odds are good that you are already doing everything that you need to, or, if you aren't, you already know that you should be. The bottom line is that the general requirements are simply: Have proper authentication set up (SPF, DKIM, and DMARC - yes, all three), have the required one-click unsubscribe link in your headers in all of your bulk email, and keep your spam complaint rate down in the negligible zone (more on that later).
There is a hidden legal danger in not confirming email addresses, and yes, even in the United States. We talk a lot about email deliverability (because hey, we're the original email deliverability service). And in that context we always explain how using double opt-in (i.e. confirmed opt-in) helps immensely with deliverability by reducing spam complaints and increasing interaction rates. But now we're going to talk about something that people rarely think about: not confirming someone's email address before you use it or add it to a mailing list can have serious legal consequences for you having nothing to do with CAN-SPAM, GDPR, CASL or any email-specific law. It can also have serious consequences for others, consequences that in turn can come back to you in serious, unexpected, but entirely avoidable, legal ways.
Sending email from a decoy, pass-through email domain which forwards to a primary domain is never a good idea. (Some people call this a 'dummy domain', but that's actually something different.) What they do is set up a decoy domain and send their cold email from it, with links in the cold email which point to their primary domain. They do it this way in an effort to protect the reputation of their primary domain, aren't they so clever? Here's the thing; actually two things: 1. It doesn't work, it will still drag down their primary domain's reputation, and 2. it doesn't work because they are spamming. Calling it "cold email" when what you've done is scraped or purchased an email address and put it on a mailing list without consent is spam, no matter how much you try to polish it up and call it something else.
You may not have heard of drip email marketing, or email drip marketing, but I can assure you that you know what it is. You have either sent it, or received it, or in some other way come into contact with it. Wikipedia - not always the most reliable source, but in this case accurate - describes drip email this way: "Email drip marketing is a form of e-mail marketing where a company sends ("drips") email messages to subscribers on a scheduled basis established using e-mail marketing software."
We've talked in the past about why address book importing is just not ok. But in addition to the fact that it trains people to enter their passwords at third-party sites, and to the fact that when you send out all those invitations it makes you look like a spammer, there's another big reason to not do address book importing.
You may or may not have heard the furor over Spamza - the website where anybody can enter any email address, and have that email address instantly signed up for hundreds of newsletter mailing lists. Of course, everybody is very upset because this site facilitates people getting spammed. BUT, there is also a very important lesson here for email marketers, newsletter publishers, and just about any other email sender who maintains a mailing list.