A few weeks ago, my hosting service received a complaint that my blog was sending spam. I don’t spam, so I checked out what was going on.
I had been using Mark’s Subscribe to Comments plugin which has one flaw: the released version does not support double-opt in. At the time I replied to my hosting company with an explanation and I disabled that plugin. I also went onto SpamCop and replied to the complaint with what I had done to resolve this.
Being tagged a spammer is serious stuff.
Double-opt in is when someone signs up for an e-mail and the first and only e-mail that goes out is one that says “Hey, someone just signed you up for this. If it’s really you, please confirm by clicking on this link. If it’s not you, then please ignore/delete this e-mail and the system will never send you an e-mail again.”
Until the subscriber clicks on that double-opt in link, the person is NOT subscribed. It’s e-mail subscription etiquette 101 and should be adhered to. I am NOT a bulk e-mailer but you have to be responsible on the Internet. SpamHaus has a good explanation here under “confirmed opt-in”.
This is a known issue and now the SVN copy of that plugin now supports Double-Opt in. I got my copy by using this command in my wp-content/plugins directory:
cd wp-content/plugins svn co http://svn.wp-plugins.org/subscribe-to-comments/branches/development stc
That put the svn copy into wp-content/plugins/stc. I went into the admin portion of the plugin and enabled Double-Opt in. A quick test later confirmed that it’s working. Once the 2.2 version is released, I’ll stop using the SVN copy and sync up with the WordPress.ORG copy.
One last item was that I deleted the e-mail of the subscriber who complained and now people who leave comments and want an e-mail on follow up comments will now work in a responsible way.
Ahmed says:
I had the same problem – thanks for pointing me in the right direction.
March 13, 2009 — 4:21 am
Johnny says:
I like this option that you installed. I think I will install it onto my blog too. So what version of this plug-in are you running? The current ZIP download is 2.1.2. Or do I need the SVN version?
June 9, 2009 — 3:08 am
Jan Dembowski says:
Looks like you need the SVN version for now. The double-opt in in important.
June 9, 2009 — 5:53 am
Erik says:
I have this plugin installed but it attracts spammers itself.
It seems that if a spambot leaves a comment they sometimes also tich the comment checkbox. The spam message is catched by mollom or akismet but the subscribe to comments plugin nevertheless sends a verification mail.
Since spammers usually do not leave a working e-mail address I start receiving lots of bounced e-mails.
Anybody else with this problem?
December 15, 2009 — 6:31 am
Jan Dembowski says:
I have not had that problem but I only get ~100 spam comments a day.
Since I’ve written this blog posting I’ve switched over to a fork of that plugin called Subscribe To “Double-Opt-In” Comments.
That one might work better for you.
December 15, 2009 — 9:28 pm
Erik says:
@Jan,
I did not read your original post correctly. I now see you used the SVN version of the original plugin. When writing my comment I was actually already using the “Subscribe to double opt in comments”.
According to the maker, Tobias, the spam problem I describe above is a known problem and he mentioned that he is planning to improve the plugin.
December 16, 2009 — 3:53 am
Jan Dembowski says:
Talking with Tobias is probably the best way to go: he constantly tweaks his plugin. Maybe he’ll put in a SPAM check before sending the e-mail.
December 16, 2009 — 5:43 am
Erik says:
He mentioned that he is planning to do so.
December 16, 2009 — 9:02 am