Just as it seems we’re getting a handle on soaring levels of spam emails a key tool is changed for the worse

By the end of Q3 this year, just under 60% of email was deemed spam. That’s almost two in every three emails being a nuisance, or potentially dangerous to global email users. Businesses really don’t want to contribute to the problem by creating “noise” in people’s inboxes, instead we want to focus on improving deliverability and ensuring our customers receive relevant communications from us. Most companies, and in particular marketers, rely on bulk email services to manage the distribution of our email messages, and until now, we’ve had one provider in our corner, doing its best to reduce unnecessary emails flying about the internet.

Monkeying around with email

However, in October, MailChimp, had a change of heart about its opt-in settings for subscribing to emails, moving from a double opt-in process, to a single. So what does this mean? By changing subscription settings to a default single opt-in, a person now only needs to enter an email address and click subscribe to join a MailChimp list. Compare this to the double opt-in method — where a subscriber had to verify they wanted to subscribe via responding to one-off email they received — and you can see why “spam” email volumes may quickly increase.

The omnipresent GDPR

Needless to say by removing this verification process, people weren’t happy. Double opt-in is a necessity to prove consent was actually obtained from an email address owner under the upcoming GDPR regulations. MailChimp’s change provides an array of possibilities for hackers and bots to easily access newsletter subscriber lists, meaning you could see hundreds of new emails in your inbox daily. Facing backlash in Europe specifically, the company decided that if the primary contact address was in the EU then existing forms would remain double opt-in. Great news for .co.uk email addresses, but what about users of Gmail where it’s difficult to determine location?

An e-mail u-turn

The incident brings to light the ever present dangers facing email security today, as well as the battle that so many brands face with email deliverability. MailChimp argued that double opt-in rates have slipped to 39% and that consumers no longer expect this step. While this may be true, the industry trend hurts privacy and security and goes against what the service had previously stated about the importance of authentication. It wasn’t so long ago that MailChimp lauded double opt-in as a safeguard against bots, scammers and everything in between. This new default behavior does quite the opposite, and although opt-in will increase in the short term, longer term organisations using MailChimp will likely face an increased number of people unsubscribing from email lists. Furthermore, we’re likely to see spam rates soar as a consequence. Single opt-in enables spam bots to plug your email address into any number of sign-up lists and and in effect, DDoS your mailbox. There’s very little that users and security advocates can do about this — taking a corporate stand and dropping the email provider is one option, but in an industry where double opt-in is a rare practice, how easy is this option? We’d love to hear your thoughts on the MailChimp saga, or indeed any spam-related news — team@ondmarc.com.