What is "active verification" of email addresses?
When people talk about to email address verification forms, they usually refer to a "syntax check", like <something>@<somethingelse>.<tld>:
- Only legal characters are used
- There is a "@" in the middle
- There is at least one point in the right portion
- MAYBE (list-based) test for legal top level domain (".com", ...)
- RARELY (live) test for valid mail delivery information the complete right portion ("@Leuchtfeuer.com")
However, all this says nothing about the existence of the actual email address - there can still be a typo in the left portion, or even complete garbage.
Active verification aims to verify the email address itself, by using a simple trick: We start a "pseudo" delivery to the address in question, and wait for the reaction of the remote server once we tell him the recipient address. Afterwards, we cancel the transmission. Next, an additional test (for "catch-all" behavior) may be possible.
As a result, an address may be successfully verified, or it may be proven bogus. And for a good portion, the result may still be an undefined "we don't know for sure".
Can it really replace Double Opt-In?
In a blog post, Mautic plugin developer Greg White points out that active verification might replace DOI entirely: https://gautit.com/the-double-opt-in-single-opt-in-conundrum/
Is that so? Let's start with: Why are people using Double Opt-In? Their reasons are basically twofold:
a) Avoid broken email addresses in database, e.g. due to misspelling when filling in a form
b) Create proof for when and how an Opt-In was given by a recipient (GDPR requirement)
While active verification may indeed help with (a), it can do nothing for (b). So... situations vary, but at least where GDPR applies, DOI is still not completely obsolete.
Getting the most out of active email verification
- If you do not need (b) and just want to keep the quality of your address base high, active verification is certainly a good way to go.
- Re-evaluating existing addresses that were previously working (in order to avoid future bounces) seems over the top in most cases.
- The most compelling case, though: Live verification of an email address that has just been entered in a form - before the actual double opt-in process even starts!
Which aims to rescue those leads where the email is misspelled and for which thus the double opt-in cannot succeed.
And isn't a better opt-in ratio something we all want?
And there's another catch! Spam bots can create a lot of email entries, and we would validate them all. If you are using a commercial service for active verification, your monthly bill may end up than expected.
So what would be a working scenario?
a) Verification has to be server-side. I.e. after the regular submission of the form, Mautic would have to take another look at the address and if it proven bad, Mautic would have to come back with the form and an appropriate message.
b) For that server-side verification, a commercial service will probably do the best job. On the other hand, it seams absolutely doable to use PHP (based on existing libraries) and thus to do basically the same thing locally (and for free).
Interested? Please get in touch with us - we would love to organize a sponsorship, and work with Greg for the implementation!