"Using confirmed opt-in is a good idea. " I agree. But I don't see how it would have helped the OP in this case, from what he is telling us. Let's say a visitor enters any rubbish in the form, and, bad luck for Tony, it happens to be identical to a spam trap's address. Tony's page can blindly accept it, in which case he might hit the spam trap at some point. If he verifies it, the typical method is to email the claimed address and wait for the user to confirm that it was entered correctly and in good faith. However, sending that verification mail means Tony hits the spam trap IMMEDIATELY, not when the next newsletter goes out. Hard to believe the situation is this twisted, so please fill in the gaps if I've missed something. I suppose the advantage to the verification mail hitting the trap first is that you are mailing to one user instead of the whole list, so connecting the signup to the time of the report you might have a chance to zero in on the bad address. But the damage is done.