Here's a link to a document I wrote back in February, 2006. It gives an overview of how to implement double opt-in. How does it work? What do you need to be careful about? How do you track opt-ins? How do you handle replies? Etc.
Multiple anti-spam groups and ISPs have contacted me over the years, asking for this type of overview. If you find it useful, please let me know!
My eventual goal is to build a free software library of double opt-in libraries and scripts, that would allow an individual or small company quickly and easily set up their own double opt-in name capture process.
Anybody want to write some perl code for me?