(no title)
Jaygles | 8 months ago
It should be illegal to sign someone up to a mailing list without explicit consent. If I create an account with my email, or provide it as a part of a checkout process, you should not have the ability to sign me up to a mailing list without me explicitly opting in via a dedicated checkbox or button (and it should initialize as un-checked of course).
Breaking the mailing lists into 30 different categories is w/e, but auto opting people in to new categories should also be illegal. Such a scummy dark pattern
arp242|8 months ago
I have no idea how this happened; I just coded a simple form with a basic Turing test ("please enter the number 9 here" works well enough for small sites). Did they forget they subscribe? Did someone else use their email? Did someone typo the email address? Bots? No way for me to know.
JimDabell|8 months ago
Even with the best of intentions, somebody with the email address jim@example.com might inadvertently enter kim@example.com. You don’t want to lose Jim and you don’t want to spam Kim. So the outcome of entering an email address in a form should always be “now check your email to confirm”.
Ciunkos|8 months ago
I am pretty sure they (the pissed of recipients) have never even visited your site. Their emails had been submitted by persistent fraud groups hammering every possible input 24/7 for their scam and spam ops. I observe such behavior on our apps and sites, even those that you would assume no one is even aware of.
Cloudflare’s Turnstile will help you block 90% of such threats, and the final solution is to double-confirm the subscription - this way you can be pretty sure subscribers are there willingly and have not been put in by crooks.
Nowadays, I would even ditch the email input and force “Subscribe with Google/Apple/xyz” via Oauth to completely mitigate this broken unauthorized newsletter subscription flow.