Helping people with computers... one answer at a time.

Particularly when dealing with email, terms like opt-in and opt-out have specific meanings that often clarify what is, and is not, spam.

I keep hearing terms like "opt-in", "opt-out" and "double opt-in" but I don't get what they mean. What do they mean?

In short, they indicate whether or not you were given a choice, and in the case of "double opt-in", whether or not it was really you that accepted that choice.

The terms are actually fairly generic, but we'll look at it from the perspective of email, and spam.

To "opt-in" to something is to proactively do something to join or become a part of it. If you don't do anything, you're not "in", it's as simple as that.

To "opt-out" of something is the opposite: you're in something and you choose no longer to be a part, so you take some action that removes you.

As you can see, these map very well to email subscriptions: you "opt-in" to a mailing list, for example, by providing your email address and asking to be subscribed. Similarly, you "opt-out" of a mailing list by using whatever unsubscribe mechanism that the mailing list provides. In either case it's an action that you take based on what you want to have happen.

Most confusion results from the term "double opt-in", or more properly "confirmed opt-in". Where "single opt-in" would be providing your email address and then immediately being subscribed, "double opt-in" requires a second step (hence the "double"): you have to respond to a confirmation message to acknowledge that you really do want to subscribe.

"The only correct way to remove yourself from a mailing that you originally confirmed you wanted to get is to use the provided unsubscribe mechanism."

Here are the steps that happen for confirmed opt-in:

  • You provide your email address somehow. Usually a simple form with a submit button to subscribe to a newsletter or other kind of mailing.

  • The mailing list provider then sends a message to that email address asking you to click on a link or reply to the email to "confirm" that you did indeed intend to subscribe.

  • Only when that confirmation is received by the mailing list service provider are you actually subscribed. You've "double-opted in".

Double opt-in is considered a requirement these days to avoid being labeled a spammer. The problem is that with single opt-in, no confirmation is required. Anyone could enter your email address in a form and subscribe you to something that you didn't want. Double opt-in avoids this completely by first requiring that whoever is at that email address indicate that yes, they actually, honestly, really, intended to subscribe.

So how does this all play out with spam?

Double Opt In: if you subscribed to some mailing, and in particular went through the process of confirming that you really did want to subscribe by responding to the double opt-in confirmation request, then as long as that mailing continues to deliver what it promised, it is not spam. The only correct way to remove yourself from a mailing that you originally confirmed you wanted to get is to use the provided unsubscribe mechanism. That should be provided in every mailing. If they don't provide such an option, or go to great lengths to hide it, or if it fails, then you're certainly within your rights to use whatever means necessary.

I did include a caveat above: "as long as that mailing continues to deliver what it promised", and that's important. If you sign up for a tech newsletter, and a year later that newsletter turns into a health and beauty advice newsletter - that's not what you signed up for, and it's spam. Do what you will.

Single opt-in: single opt-in is dangerous, and to be honest, no legitimate mailer should be using it. If you can subscribe to a mailing without confirming, then anyone could be adding anyone else to that mailing. To the people suddenly getting something they didn't ask for ... well, that's the very definition of spam.

The one exception here are businesses with whom you might be making a transaction. For example, if you purchase something from an online retailer, that in and of itself can be considered "confirmation" of the relationship. Now, a smart retailer will ask if you want to get emails not related directly to the sale. Some will be "opt-in", where you need to check a box saying "yes I want this" before it'll happen. As we'll see in a moment, not all are.

It's difficult to come up with a hard and fast rule about when you should and should not consider this type of mailing spam, and that's what makes this so dangerous for the mailers doing so. My take: if it's a legitimate business you trust and have in fact done business with in the past, then use their provided unsubscribe mechanism.

Opt-out: We see this in software registration, online purchases and the like. As you fill out some other form relating to some other transaction, there's a checkbox that says "yes, please send me promotional email" or similar. The key is that the box is automatically checked for you. In my opinion, that's wrong. If you don't notice it, and then suddenly start getting email you didn't expect or actually ask for, then that's spam. Services using this type of opt-out process for collecting email addresses are just asking to be labeled as spammers.

Opt-nothing: for completeness, email from people you never heard of, from businesses you've never used, email you don't expect and never asked for: that's the very definition of spam.

Spam is a pain, but ultimately, I think we all owe it to the people who go the extra mile and play by the rules to not label them as spammers, accidentally or otherwise. If they've:

  • Told you what you're signing up for - perhaps even provided examples

  • Asked for your confirmation via double opt-in that you really do want it

  • Deliver what they promised, when they promised it

Then they've played by the rules.

Article C3466 - August 4, 2008 « »

Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

August 4, 2008 12:42 PM

Leo, you forgot to mention those who provide the opt-out very obviously, and then ignore it completely when you try to use it.

That's spam too.

Glenn P.
August 19, 2011 1:16 PM

I concur with Ziggie! Either ignore it completely, or else take inordinately long to respond to it...

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to to ask your question.