Mailchimp changes signup process

As of October 31, 2017 signup forms and popup boxes provided by Mailchimp will no longer default to a double / confirmed opt-in process.

Starting October 31, single opt-in will become the default setting for all MailChimp hosted, embedded, and pop-up signup forms.

This announcement was made earlier today in their newsletter and has been spreading like wildfire around the email community.

Of course, everyone has their opinion on why, including me. I haven’t talked to anyone over there about this, but I suspect this relates to the listbombing issue.
I expect that part of their response to subscription bombing was to look at their subscription forms and harden them against abuse. But, as they were looking at it, they also started thinking about the COI process and how COI itself could be used as an attack vector.
The result is removing the COI component from their default forms. Customers who want or need to continue to use COI can enable that option on their setting page.
I feel like I’ve blogged a lot about COI in the past but looking through old posts I can’t actually find many posts on it. (COI: an old topic resurrected, Sledgehammer of COI). There’s a reason for that, COI is a tool and is useful in some circumstances. But it’s not THE solution to deliverability problems.
The discussions around this change have been interesting.
From my perspective, this is not a huge change. No one who used Mailchimp was forced into using COI. There were always ways to work around the default. It makes it easier for some of their customers to run single opt-in mailing lists but it’s only one ESP changing their policies.
I am in the minority thinking this isn’t a big deal. The rest of the industry is full of speculation about this change.
Some compliance and abuse people worry that Mailchimp has gone to spam side. (I doubt it.) Other people liked being able to point at Mailchimp as an example of COI being a best practice and now they can’t. (Well, yeah, time for a better narrative.)
Marketers speculated financial pressures and loss of customers drove this change. (I doubt it, it wasn’t that long t they drove customers off Mandrill.) Others are happy MC “got with the times.” (Uh, they’re actually ahead of a lot of folks in seeing patterns and innovating.)
Whatever the reason, it’s a pretty big change in policy for Mailchimp. But I don’t expect to see more spam from their networks. They’re still going to keep their customers as clean as possible.
EDIT: On Oct 30, Mailchimp announced that the default for .eu customers would continue to be double opt-in to facilitate their compliance with GDPR.

Related Posts

Don't leave that money sitting there

The idea of confirming permission to send mail to an email address gets a lot of bad press among many marketers. It seems that every few weeks some new person decides that they’re going to write an article or a whitepaper or a blog and destroy the idea behind confirming an email address. And, of course, that triggers a bunch of people to publish rebuttal articles and blog posts.
I’m probably the first to admit that confirmed opt-in isn’t the solution to all your delivery problems. There are situations where it’s a good idea, there are times when it’s not. There are situations where you absolutely need that extra step involved and there are times when that extra step is just superfluous.
But whether a sender uses confirmed opt in or not they must do something to confirm that the email address actually belongs to their customer. It’s so easy to have data errors in email addresses that there needs to be some sort of error correction process involved.
Senders that don’t do this are leaving money on the table. They’re not taking that extra step to make sure the data they were given is correct. They don’t make any effort to draw a direct line between the email address entered into their web form or given to them at the register or used for a receipt, and their actual customer.
It does happen, it happens enough to make the non-tech press. Consumerist has multiple articles a month on some email address holder that can’t get a giant company to stop mailing them information about someone else’s account.
Just this week, the New Yorker published an article about a long abandoned gmail address that received over 4000 “legitimate” commercial and transactional emails.

Read More

Active buttons in the subject line

This morning I waded into a twitter discussion with a bunch of folks about some issues they were having with delivery to gmail. The discussion started with a blog post at detailed.com describing how some senders are seeing significant drops in open rates. I thought I’d take a look and see if I can help, because, hey, this is an interesting problem.
I signed up for a bunch of the mail that was seeing gmail problems and discovered that one of them had the confirmation link in the subject line. How cool is that?

I’ve known about the Gmail subscription line functionality for a while, but this is the first time I’ve seen it in the wild.
The action is in a <div> tag at the bottom of the email. Gmail has been allowing actions in subject lines for a while, this is just the first time I’ve seen it used for subscriptions. It’s so cool.
Want to add one to your post? Instructions are available from Google on their Email Markup pages.

Read More

Truth of Consequences

“If you want to use another means that violates the law, and every common definition of “spam”, then by all means, go ahead. You can enjoy fines and being added to the ROKSO database,” says a comment on my recent COI blog post. It’s both disconcerting and entirely predictable.

My post was a discussion of what to do with addresses that don’t confirm. Data tells us that there is some value in those addresses – that there are people who won’t confirm for some reason but will end up purchasing from an email. Using COI leaves some fraction of revenue on the table as it were. My post was a short risk analysis of things to think about when making decisions about continuing to mail to people who don’t confirm.
Mentioning COI often brings the only-COI-mail-is-not-spam zealots out of the woodwork, as it did in this case. In this case, we have the commenter first asserting that failure to do COI is a violation of CAN SPAM (it’s not). When this was pointed out, he started arguing with two people who have been actively fighting spam for 20 years (including running a widely used blocklist). Finally, he ends up with the comment asserting that anyone not using COI will end up on ROKSO. It’s as if he thinks that statement will fear other commenters into not having opinions. It can’t because everyone in the discussion, except possibly him, knows that it’s not true.
The worst problem with folks like the commenter is that they think asserting horrible consequences will make people cower. First off, people don’t react well to threats. Secondly, this is a hollow threat and most people reading this blog know it.
There are millions of mailing lists not using COI and have zero risk of ever getting on ROKSO. The only thing hollow threats do is make people not pay attention to what you have to say. Well, OK, and have me write a blog post about how those threats are bad because they’re completely removed from reality.
Exaggerating or lying about consequences is not just wrong, it’s stupid. “Do this or else BAD THING,” is awesome, up until someone decides they’re not going to do this and the bad thing never happens. It makes people less likely or pay any attention to you in the future. It certainly means your opinions and recommendations are not going to be listened to in the future.
I probably go too far the other direction. I can spend too much time contextualizing a recommendation. It’s one of the things I’m trying to get better about. No, client doesn’t need a 4 page discussion of the history of whatever, they just need 2 lines of what they should do. If they need the context, I can provide it later.
In order to effectively modify behavior consequences have to be real. Threats of consequences are meaningless. Any toddler knows this, and can quite accurately model when mom means it and when she’s just threatening.
Risk analysis is not about modifying behavior. It’s about analyzing a particular issue and providing necessary information so the company action understands potential consequences and the chance those risks will happen. The blog post about COI was not intended to modify anyone’s behavior. I know there are companies out there successfully maintaining two mail streams: one COI and one not. I know there are other companies out there successfully mailing only single opt-in mail. I know there are companies with complex strategies to verify identity and address ownership. And I smile every time I walk into a retail store and they ask me if my email address is still X and if I want to make any changes to it.
Lying about consequences does nothing to modify behavior. All it does is diminish the standing and audience of the liar. Be truthful about the consequences of an action or lack of action. Don’t make up threats in order to bully people into doing what you think is right. Sooner or later they’re going to realize that you don’t know what you’re talking about and start to ignore you.

Read More