Wladimir MuftyApr 2

Just like we enforce basic security and ethical standards, such as:
๐Ÿ‘พ no tracking pixels
๐Ÿ“ฉ no open mail relays (do those even still exist?)
โ˜ข๏ธ no shady analytics URLs that disguise the original destination and canโ€™t be distinguished from phishing-urls.

we should also adopt the following rule:
๐Ÿ’š do not send any additional emails if an initial subscription has not yet been verified

Why? Read the article:

#email #Newsletter #subscription #subscriptionbombing

https://bytemash.net/posts/subscription-bombing-your-signup-form-is-a-weapon/

Your sign-up form is a weapon | Bytemash

How bots used our sign-up and forgot password pages to bomb real people's inboxes, and what we did to stop it. A practical guide to subscription bombing for founders and developers who think CAPTCHA is an "I'll do it later" task.

Hacker NewsApr 2

Your sign-up form is a weapon

https://bytemash.net/posts/subscription-bombing-your-signup-form-is-a-weapon/

#HackerNews #Your #sign-up #form #is #a #weapon #subscriptionbombing #signups #onlineforms #marketingstrategy #userexperience

Your sign-up form is a weapon | Bytemash

How bots used our sign-up and forgot password pages to bomb real people's inboxes, and what we did to stop it. A practical guide to subscription bombing for founders and developers who think CAPTCHA is an "I'll do it later" task.