Hacker News new | past | comments | ask | show | jobs | submit login

One thing they're not doing: Mandating confirmed opt-in. Asking the recipient if they want to receive email is the only way to confirm it's actually requested.



I don't know about their marketing email policies, but we use it for transactional emails, wherein opt-in consent is generally not explicit.

For instance, if you use it for service delivery (payment receipts, invoices, password resets, etc), there is no separate opt-in process beyond the fact that recipients are your users who signed up for your service.

I'm not sure how any ESP could enforce the notion of opting in under these circumstances.


> there is no separate opt-in process beyond the fact that recipients are your users who signed up for your service.

That's not a fact that the recipients are users that signed up for it. As someone with a first letter + last name @ gmail account, I can't tell you how many transactional emails I get for things I never signed up for. Try getting a bank to take your email address off of someone else's account—damn near impossible.


>That's not a fact that the recipients are users that signed up for it.

It is if you use an email verification step as part of your sign-up flow, which we do. At most, someone could sign up with someone else's address and generate a confirmation email, but it'd only be once per address and that's the price of an open Web.

Anyway, I'm aware that not everyone does this, but at a certain point there's not much an ESP can do, beyond which there's essentially trust and monitoring.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: