Double Opt-In Best Practices for Email Marketing

September 1, 2020 | 10 minute read
Chad S. White
Head of Research, Oracle Digital Experience Agency
Text Size 100%:

Double opt-in (DOI) permission practices are often seen as unnecessary and harmful to list growth. However, when used correctly, they can improve your email program’s results by protecting your sender reputation, which keeps you from having deliverability problems.

I’ll explain the advantages and disadvantages of double opt-in—which is sometimes referred to as confirmed opt-in—as well as where and how to use it effectively. However, let’s first answer the most foundational question of...

How does a double opt-in process work?

When an email address is entered into a signup form to receive emails from your company, or, a signup box is checked or left pre-checked as part of a registration or download form, you would send them a signup confirmation email that asks them to click a link in the email in order to confirm their subscription. If they click the link, their subscription is confirmed, and you send them your welcome email, followed by your promotional emails. If they don’t click the link, you don’t send them any additional emails. 

“Sending one opt-in confirmation request may be enough, especially if you’re getting a high rate of confirmation,” says Daniel Deneweth, head of email deliverability services at Oracle CX Marketing Consulting. “Others may need to send a ‘reminder’ and then perhaps even a ‘last chance’ confirmation request email to get their rates up. Sending those to non-responders within one or two weeks could be effective, and not too risky.”

This process contrasts with a single opt-in process, where your company accepts all email addresses entered into signup forms and accepts all checked boxes as consent.

Get more tips on double opt in and other email marketing best practices with the Oracle Marketing Consulting Newsletter.

There are three chief advantages of double opt-in.

1. It provides ironclad permission.

Double opt-in is the only way to be 100% sure that the person who entered an email address actually owns that email address. Since you can only get permission from the owner of an email address, this is the only ironclad way to get permission. From a compliance perspective, securing a double opt-in is the strongest proof of consent you can collect.

“This is the No. 1 reason to implement a DOI policy,” says Clea Moore, director of deliverability strategy for email deliverability services at Oracle CX Marketing Consulting. “In addition to compliance issues around the Canadian Anti-Spam Law (CASL) and General Data Protection Regulation (GDPR), it helps ensure that you don’t send financial, medical, or other potentially sensitive information to the wrong person. For example, Kelly Molloy, an anti-spam friend and former colleague of mine, regularly receives messages meant for someone else with the same name. Those emails include software keys, concert tickets, medical appointment reminders, and receipts with contact and billing information.”

2. It makes consent crystal clear

People don’t always recognize that they’re signing up for promotional emails. This is especially true when a consumer is checking out online, registering for a webinar, downloading a white paper, or accomplishing some other primary objective. Email consent is collected as a secondary objective. This is most true when email consents are collected via inconspicuous pre-checked boxes or people are auto-opted-in according to details hidden in terms and conditions. This is so user-unfriendly that it’s illegal under CASL and GDPR. 

A double opt-in clarifies and strengthens consents by adding intent and acknowledgement to the opt-in. Evidence of this can be seen in the fact that subscribers who complete this process have considerably higher email engagement than those who complete a single opt-in process.

3. It protects your sender reputation

In addition to yielding subscribers that have higher engagement, double opt-in also helps companies safeguard their email deliverability by protecting them from:

  • Typo and other spam traps that inbox providers and email blocklist operators use to identify spammers.

  • Malicious signups, where a competitor, detractor, or bad actor purposefully signs up for your promotional emails using email addresses other than their own, or spam traps they’ve identified.

In both cases, using a double opt-in process limits the number of emails you’d send to any of these addresses. Since spam traps never click emails, you ensure that a spam trap never gets on your list. Email bots are also unlikely to click. Or, they’ll click every link in every email you send and, you can identify them that way  too. And those who have been maliciously signed up for your emails are much less likely to report your subscription confirmation email as spam than they would a welcome email, or a promotional email that indicates that this is only the first of many emails they’ll receive.

CAPTCHA, email verification services, email validation services, and other tools can also help reduce these risks. It’s not an either-or proposition. Those tools can be used in conjunction with double opt-in, which is the strongest and most certain way to protect your sender reputation.

Hear from the experts from Oracle Marketing Consulting on tips for audience acquistion, website optimization, and automated campaigns. Look at their checklists for each.

What are the disadvantages of double opt-in?

While double opt-in is undeniably powerful, there are two main disadvantages:

1. Slower list growth means lower total engagement

Since you can safely send just one opt-in confirmation request email, it’s possible that some real-life would-be subscribers might not see it and therefore never confirm their subscriptions. That means you’ll likely have a few disappointed prospects and customers, plus your list won’t grow quite as fast as it might with a single opt-in process.

“Ultimately, you’re accepting the certainty of lower total engagement in exchange for protection from potential deliverability problems,” says Nick Cantu, senior art director for creative services at Oracle CX Marketing Consulting. “Some are happy to make this trade, but others have difficulties choosing a certain loss over a potential one, even if the potential loss is likely to be much larger over time.”

2. It’s another point of technical failure

A double opt-in process has more moving parts than a single opt-in process. More moving parts mean more points of failure. Your subscription confirmation request email is another line item in your inventory of automated emails that you need to regularly QA test and optimize. A breakdown in this email can harm your list growth, so you need to keep an eye on it.

This happened with the Oracle CX Marketing Consulting newsletter when we redesigned our subscription confirmation request email and didn’t connect it into our flow logic appropriately. It took us weeks to realize that this was the reason that our list growth had plateaued.

“Thankfully,” says Esther Shin, senior web developer for creative services at Oracle CX Marketing Consulting, “we were able to track which contacts had clicked through on the double opt-in email during that period and manually added them to our confirmed subscriber list. Not too long had passed, so we didn’t feel we needed to re-confirm them. So, the damage was limited to the engagement that we lost due to these subscribers missing anywhere from one to three newsletters.”

With these advantages and disadvantages in mind, let’s discuss...

Where should I use a double opt-in process?

The debate over email permission often devolves into a false choice of whether to use single opt-in or double opt-in for all subscriber acquisition sources. While it’s perhaps simpler to implement one universal standard, it’s not the most efficient.

Double opt-in is most appropriate for your subscriber acquisition sources that:

  • Involve subscribers who are paying for premium content and you need to make sure you’re sending that paid content to the right recipient

  • Have demonstrated in the past that they attract spam traps, email bots, and malicious signups, or generate lots of subscribers who are prone to complaining and rarely convert

  • Are far from your fulfillment and customer service operations, such as co-registrations and list rentals, and therefore highly likely to attract low-quality subscribers

  • Involve open signup forms that anyone and anything on the internet can easily access, such as the email signup form on your homepage—and especially open forms that aren’t on your website, such as the email signup on your Facebook page

  • Involve email address collection processes that are prone to errors in transcriptions, such as paper forms or addresses collected verbally without visual confirmation by the consumer

  • Have pre-checked consent boxes that are buried in the fine print or hidden in terms and conditions, especially when the primary purpose of the form completion is not transactional, such as completing a contest entry form.

“It’s especially important to implement DOI where consent is not clearly being given to receive email,” says Clea. “Otherwise, you run the risk of high spam complaint rates and terrible open rates, in addition to the increased risk of mailing spam traps and landing on a blocklist.”

If you have a deliverability expert on staff or have email deliverability consultants watching over your program, you can lean more toward single opt-in. However, if you don’t have such safety nets in place, you’ll likely want to implement more double opt-in. It’s better to be safe than sorry when it comes to deliverability.

How can I maximize double opt-in confirmations?

Probably the most common objection to double opt-in is that “It costs me list growth because not everyone confirms their subscription.” Of course, the primary purpose of a double opt-in process is to screen out risky signups, so you’d expect some addresses to go unconfirmed.

In an ideal world, all those email addresses that aren’t confirmed would be spam traps, email bots, malicious signups, and people who aren’t interested in receiving your emails and are just going to unsubscribe or report your emails as spam. However, we know that there are some truly interested people who never confirm their subscription. You want to minimize that as much as possible.  There are some best practices to help you achieve that.

  1. Your signup confirmation page or popup should make it abundantly clear that further action is required.

  2. The subject line and preview text of your opt-in confirmation request email should make it clear that action must be taken in the email.

  3. The design of your opt-in confirmation request email must focus recipients’ attention on the one action that you want them to take, which is to click the link to confirm their subscription.

  4. Upon receiving a click on the opt-in confirmation link, your opt-in confirmation page should clearly acknowledge that they are now subscribed and then drive the relationship forward. Make the new subscriber feel welcome—whether that’s asking them to complete their user profile, presenting them with a welcome offer or discount, giving them educational or instructional information, or something else.

We use these best practices with our clients, and also with the Oracle CX Marketing Consulting newsletter. This twice-monthly newsletter shares advice and insights from our more than 500 digital marketing experts. Let’s walk through how we’ve put these best practices in action with this newsletter.

First, after you complete the form on our signup page or the popup form on our archive page, you’re taken to our signup confirmation page. The primary messaging on this page is just 18 words and communicates to the person that they’re not subscribed yet and that they need to “click the link in the email we just sent” to the email address they provided.

“It’s critical to be clear and concise with confirmation statements,” says Brian Sullivan, strategy director of email deliverability services at Oracle CX Marketing Consulting. “With today’s short attention spans, you want to compel that lead to take the next action quickly and avoid them abandoning the process midstream.”

Nick adds that you should leverage the established language that’s used for double opt-ins. “Consumers are very familiar with confirming not only their email addresses, but their cell phone numbers,” he says. “This is a standard step to engage with many brands, so don’t get clever or try to be original.” 

Second, when they go to their inbox and find the opt-in confirmation request email, they’ll see envelope copy that again reinforces that action is needed. For example, the subject line for our email says, “Activate My Subscription” and the preview text says, “Click the link in this email to complete your subscription.”

Third, when they open our email, they see a huge headline and bright red call-to-action button. The primary text consists of just 11 words, with some secondary text to address people who may have received this email because of a malicious signup or typo in an email address.

“A double opt-in confirmation email should have a singular focus with minimal content,” says Nick. “It is essential to communicate the action needed and remove all unnecessary elements, including navigation bars, social links, and secondary modules.”

And fourth, when they confirm their opt-in by clicking the link in our email, they’re taken to an opt-in confirmation page with the headline “You’re in!” In addition to telling them to look out for our next issue, this page tries to engage new subscribers by providing some of our best content that’s appeared in past issues of our newsletter.

By putting these double opt-in best practices into action, we’ve seen 96% of signups be confirmed. We freely acknowledge that our target audience of digital marketers is savvier about double opt-in practices than the average consumer, but it speaks to the high level of confirmation that can be achieved by designing an experience that’s singularly focused on getting that opt-in confirmation click.


Need help with your email deliverability or marketing automation? Oracle CX Marketing Consulting has more than 500 of the leading marketing minds ready to help you to achieve more with the leading marketing cloud, including Email Deliverability Services and Campaign Automation Services teams that can help you improve your deliverability and set up effective triggered email campaigns.

Reach out to us at or visit us online.



Chad S. White

Head of Research, Oracle Digital Experience Agency

Chad S. White is the Head of Research at Oracle Digital Experience Agency and the author of four editions of Email Marketing Rules and nearly 4,000 posts about digital and email marketing. A former journalist, he’s been featured in more than 100 publications, including The New York Times, The Wall Street Journal, and Advertising Age. Chad was named the ANA's 2018 Email Marketer Thought Leader of the Year. Follow him on LinkedIn, Twitter, and Mastodon.

Previous Post

Creating Relevance with Multivariate Testing and Digital Analytics

Michael Blumenfeld | 4 min read

Next Post

What Flowers and Fruits Can Teach Us About Content and Branding

James Glover | 4 min read