Double opt-in

Double opt-in (also called confirmed opt-in) is a list-subscription flow in two steps: (1) the visitor submits their email through your subscribe form, and is shown a "please check your email" confirmation page; (2) AcelleMail emails them a confirmation link, and only when they click it does the subscriber become active on the list. Single opt-in is the alternative — the subscriber is active the moment they submit the form, no email-click required.

The setting list.default.double_optin in AcelleMail's admin Settings flips the new-list default. Per-list, the column mail_lists.subscribe_confirmation holds the actual value — true means double opt-in, false means single. The pending-confirmation flow lives in app/Http/Controllers/Pub/MailListController.php (subscriber redirected to a "ThankYou" page asking them to check their email) and the click-handler in app/Model/Subscriber.php::confirmSubscription activates the row.

From AcelleMail's built-in FormGdprChecklist (rule double_opt_in_enabled): "Two-step confirmation produces a verifiable consent record (timestamp + IP + click). Single opt-in is legal but weaker — under DPA scrutiny, double opt-in materially raises your defence." In practice double opt-in delivers three benefits: (1) cleaner lists — typo and bot signups never activate, lifting deliverability; (2) lower complaint rate — every active subscriber clicked through, so they remember signing up; (3) defensible consent — the click event is a logged data point you can produce on a regulator request.

Some flows lean toward single opt-in: gated-content downloads where the email is also the delivery channel, repeat customers logging in, internal staff lists. AcelleMail leaves the choice per-list, so a single account can run a gated-download list as single opt-in and the main marketing list as double opt-in. The deliverability and consent trade-offs are the same regardless of platform — see deliverability §9 (List hygiene) for the longer treatment.