Double Opt-in/Confirmed Opt-in

Different names for the same practice.

Whether you call it closed-loop opt-in, confirmed opt-in, verified opt-in or double opt-in, you're generally referring to an email address verification process used to validate an email address before adding it to an electronic mailing list. Double opt-in is something of a misnomer, because it's not a second opt-in; it's address verification. However, what you call it is less important than whether or not you employ it. (For more about the terminology argument, head on over to Pan Am Internet's excellent page on the issue.)

Why should you do it?

You do it to prevent forgeries. The process nearly eliminates spam complaints, and any you do receive can usually be easily disproved.

It can also ensure better deliverability. If you send email, you know how many spam filters (both good and bad) there are out there. They will filter or block even confirmed opt-in email. Why they do is a whole other issue, but if you can demonstrate that you correctly utilize double opt-in, you can get whitelisted by various spam filtering organizations and companies.

How does it work?

Generally, it starts with a web form. A potential recipient will sign up for emails by entering their email address into your form and clicking the submit button. What happens next is they are sent a confirmation request email. In that email, there is a unique coded URL that the recipient clicks on to verify their identity. If the recipient does NOT click on the URL, nothing happens. They are not added to your list, and you don't email them again.

A mailer does it to prevent forgeries. The process nearly eliminates spam complaints, and any you do receive can usually be easily disproved.

If you decide to implement this process on your own, make sure you keep records of all the opt-in requests and completions. IP addresses, opt-in codes, etc. Also, make sure your confirmation method can't be spoofed. Any validation URLs should have a coded URL, not a plain URL that contains the person's email address. (Here's more info on how to implement double opt-in properly.)

Links to info and commentary on double opt-in/confirmed opt-in.

From - March 6, 2001 by Mark Brownlow. Overall, a good article, though it contains a technical error. Mark claims that double opt-in can't prevent forged subscriptions, which is incorrect. It's only a poor implementation of the process which would have this problem.

From's guide to list management and spam issues, here's a quick and simple definition of what double opt-in/closed-loop is and why you should do it.

From Network World - February 19, 2001. Mark Gibbs explains what it is and why you should do it. Why is it important to prevent forgeries? He explains.

Lyris provides software and services to companies who both send and receive email. They point out that double opt-in is the way to go if you don't want to get blocked by the various anti-spam groups.

Marketing consultant Gary North explains that double opt-in is "an internet rule against spamming." I agree; it definitely helps. has a very compelling reason why double opt-in/confirmed opt-in is a good practice: It'll keep you out of jail. While phrased whimsically, there's some truth to that. With all the US state anti-spam laws in place, are you sure you're in compliance with all of them? Most require a prior business relationship as a bare minimum to allow you to send someone an advertisement via electronic mail. Is a business relationship established when somebody else forges that recipient's address into your form? That's not clearly defined, and I wouldn't want to bet on it.
Post a Comment