We are often asked by volume email senders just why we urge people to use confirmed opt-in (or “double opt-in”) whenever possible. After all, they know that they are being ethical and only adding to their mailing lists people whom they believe really want their mailings.
Why should they have to go through the added “hassle” of using confirmed opt-in? Why should they put their recipients through that hassle? (Yes, some senders have actually convinced themselves that users would rather be put on a mailing list without their permission than have to go through the “hassle” of clicking on a link to confirm their interest.)
It makes sense that squeaky clean, legitimate email senders would wonder about this. If you are keeping meticulous records of the date, time, and location that someone requested to be on your mailing list – if you are even recording the IP address from which the request originates – why should you go that extra step, and require confirmation?
It’s the only way to prove your innocence to a claim that you spammed someone – it’s the only way to prove it to the ISPs and spam filters who will have to look at your word versus the the word of their own user who claimed that you spammed them.
Example #1: Let’s say that this morning I go to some random site, and sign your email address up for all 43 of their newsletters. Your inbox gets flooded, and you complain that they are spamming you. They produce records showing that on July 30, 2009, ‘you’ signed up for those newsletters from IP address 18.104.22.168. Only, of course, you didn’t. And if they had required confirmation, the situation would never have happened.
Example #2: Someone who has it in for John Doe goes to your web site and signs John Doe up for all of your newsletters. John Doe complains to your ISP, to their ISP, and to SpamCop. Now you are trying to prove that John Doe really signed up. Only you can’t prove it, and so your ISP, his ISP, and SpamCop now have you on their radar as, at best, someone whose system can be abused to cause someone else to be spammed – at worst, someone who is intentionally spamming and lying about the opt-in information (single opt-in info can be easily spoofed – whereas it’s basically impossible to spoof a confirmation that required someone at the target email address to respond to something that was emailed to that address, such as following a link or replying to an email).
Example #3: Someone who has it in for you goes to your site and signs up an anti-spammer, or someone who runs an ISP or spam filter blacklist, for one or more of your newsletters. The anti-spammer/ISP person knows darned well they didn’t sign up for your newsletter – you are spamming them – and you get blacklisted. And you can’t get unblacklisted because in fact you are spamming them – you’ve been set up (yes, this really happens).
These are but three examples – real life examples – of how not using confirmed opt-in can cause you serious problems.
So, do you have to use confirmed opt-in?
Only if you want to be sure that your email gets through.
I love the concept of double-opt in, but what if the confirmation email gets blocked or delivered to the users spam folder?! That user can never join your list. And if you require a login to access content on your website, than the user trying to join, must first wait for the confirmation email… you can control only part of the delivery speed: if Yahoo, AOL, etc. is delayed than that user again can’t get on your site and perhaps they find what the info they need on another site?
Yes, Double-Opt-In is the gold standard, but it does have its downside as well.
Lastly, what is best practice for number of confirmation emails to send asking the user to confirm their opt-in? Can you/should you email the user again, if they don’t respond to the first confirmation request?
I run several technical mailing lists, all of which are confirmed opt-in.
We are a bit old-school, in that we still use majordomo as our MLM. All list management is done via email. There is no web interface.
I tell users that I will provide them with any assistance that I can, short of actually manually adding them to the list. I also tell them that I will happily remove them from the list if they ask.
I see confirmed opt-in as serving several functions:
1. It confirms that the user actually wants to subscribe to the list.
2. It confirms that the user can actually receive mail from the list, and that there are no incorrect addresses, or filters in the way.
3. It ensures that the user has enough of a clue to follow the instructions, and successfully use majordomo to subscribe. Hopefully they will continue to have enough clue to manage their subscription in the future.
Check this out…
My he/she boss/owner decided that our list wasn’t growing with the double opt-in so he/she switched it to single opt-in, just wait till i tell you how the subscribers get opted in to begin with, you won’t believe it.
Then he/she decided all 5000+ emails that were on our pending list (all the non clickers from the double opt-in) he/she wants to make them all active subscribers.
Ok where do we get our subscribers to being with… our customer service people process every order from our 3rd party shopping cart system into our accounting/crm/inventory system. during that process they take the customers email and fill out our subscriber form on the site that was double opt-in but now is single opt. No where on our site do we tell the customer that we are going to do this.
I have complained/warned/informed him/her of all the bad things that can happen from this like… could cause our company emails to be black listed because of spam complaints from our newsletters. He/She feels he/she is in the right and he/she is entitled to send emails to all our customers.
I think its time for me to find another job…. one where the he/she owner/boss values there employees input.