deliverability letter

Double opt-in or single opt-in?

Thoughts by Jesse Hanley • Founder Bento

IMPORTANT UPDATE: We have released a long form guide on deliverability which includes our current perspective that our users should implement a Double Opt-In strategy in 2024. It is the best way to ensure that your users are receiving email that is both wanted and expected.

Over the years, before I even started building Bento, I was always really confused about the whole single and double opt-in fiasco.

When I was studying eCommerce it seemed that the best practice was to just use single opt-in as there was a bias for larger list growth at any cost.

You'd ask for an email in the footer, as a pop-up, or during checkout flow and you're done.

That user can get sent an email anytime after that moment.

Nice and simple.

But when I started to study more about content creators (newsletter owners, bloggers, etc) I couldn't find any articles that endorsed single opt-in.

It was double opt-in or nothing.

So which are you supposed to use?

Look at compliance first.

This is where everyone needs to start first.

Google your local laws, talk to a lawyer friend, and get an understanding on what you must do for the sake of compliance.

As far as I know, as of today, Germany is the only large country that forces you to use double opt-in for all their citizens.

With GDPR legislature evolving this may expand to over 28 other European nations but we're still not sure as the EU governments are moving pretty slow on it (last checked 3rd of June 2021).

If you are in a country that requires double opt-in for your users then you have to enforce it. Most tools, like Bento, will allow you to ensure that new users are unsubscribed to start with and then when they click a confirmation link they get opted-in.

But just because a country allows you to send without confirmation, doesn't mean it's the right option for you.

Next consider list health.

The main reason people in the newsletter or blogging space encourage double opt-in is because they believe that it helps improve the health of the list.

This is true but people often don't know why this is true.

In email marketing, there are bad guys who subscribe victims without their consent to email lists all around the world. Sometimes thousands of forms per email.

This practice is called list bombing.

List bombing is the practice where automated bots troll the web looking for forms to add to a massive pool that they can abuse when they wish to target a victim.

When they do their attack they submit thousands of emails to these forms (including yours) which flood the victims inbox hiding any bad actions like trying to login to a bank account or resetting passwords.

This happens surprisingly often.

Double opt-in ensures that when this happens those emails get captured but they don't actually get sent anything.

For some email marketing providers, that's OK but for other providers these may count as billable contacts which is not great for your wallet at all.

In Bento, we take a different approach to our competitors and spend a lot of time trying to protect you by rendering our forms in a non-standard way using custom JavaScript we've written that has bot protection built right inside it (powered by CloudFlare).

This ensures that when those bots visit your site they may see the form but it functionally won't work for them. They'll ignore it and move to the next website.

But on the other hand, if you use your own forms or our API then we are unable to apply those same protections ... in that case using double opt-in is 100% the way to go.

Only double opt-in is the only way to ensure that users want and expect your emails.

As for the honeypot emails, this occurs when users scrape emails or find them across the web to add them to an email list.

Providers such as Spamhaus and Hotmail do this on purpose to catch people trying to shortcut their way to a large marketable list.

Trying to protect yourself from this is fairly easy: just don't scrape the web or social media (LinkedIn or Facebook Groups) for email addresses.

But just saying this won't stop your employees, team mates, or others accidentally adding one to your list and marketing to it.

Double opt-ins will help protect you from others adding spam traps to your list but won't protect you necessarily from yourself or your team.

One way Bento tries to protect is by checking email domains across a wide range of spam providers to ensure that emails aren't spam before they actually get their first email.

Additionally, just a simple check to see if the email is formatted correctly and has proper MX records setup will go a long way. Bento does this automatically for you too.

If you can protect yourself from bots and honeypot attacks you are good to choose single opt-in and can move to the next section.

Now consider user behaviour and opt-in rates.

User behaviour and opt-in rates is one of the strongest votes for single opt-in.

Imagine one of your visitors is scrolling through Instagram, sees an ad for your business, clicks through and browses around.

They then see a pop-up for 10% off and put in their email.

They hit the back button, see a video of a cute puppy, and continue their scrolling from there. They forgot about the confirmation email they had to click on.

In a double opt-in world that future customer, who expressed intent and interest, will not get any marketing from you ever again.

They'll literally never hear from you again and they won't opt-in again because they already thought they did and whilst they MAY see the confirmation email in the inbox it's highly unlikely.

But ... in a 2024 email marketing world, this trade-off may be worth it to ensure the longevity of your email program.

Making single opt-in work.

In Bento, if you use single opt-in you should consider adding all those users to a fresh email sequence, like a Welcome Series, that aims to get them engaged with your brand.

Using automations, automatically tag or add a custom field that indicates a they are an active_subscriber when they open an email, click a link, or view your website. This is easy to setup and there should already be an automation in your account ready to go.

Additionally, make sure that users who do not engage at all are unsubscribed after a few days to a month.

When you next create your broadcast or marketing email just target people with that active_subscriber tag or field and you're off the races.

The benefit with this approach is that you give yourself and the subscriber multiple chances of actually activating their email whilst still churning

It also catches the edge case that they read your email via an email notification or have images turned off but still visit the website.

It's kind of like an extended confirmation sequence.

Making double opt-in work.

In Bento, create an email series that sends an initial email asking the user to confirm their address. Once they click the link, you can then add them to whatever email series they wish to get.

In that first email keep it simple and clean. Include an outline on what emails they should expect.


We believe now that all users should pursue double opt-in as it's the cleanest way to ensure that users are receiving emails that they both want and expect.