About the list subscribes: this is something I already thought about myself for the next update ;-).
About the double opt-in: yes, this makes sense. However, there are a number of things to consider:
So far, each comment just gets an internal flag added that a notification should be sent if someone replies. If a double opt-in is needed, the e-mail address needs to be handled separately, since the opt-in should not just apply to the single comment but to the e-mail address itself. At least I would not like to confirm my subscription for every single comment for the same website all the time.
This also means that during an update of the plugin, existing subscriptions need to be read and added to the list of known and confirmed e-mail addresses, so they still work after the update.
The double opt-in itself can be abused as well. Just imagine a bot commenting on many posts and asking for e-mail notification. For one single blog this can be solved: before sending an opt-in e-mail, the plugin must check if this was already sent before. But if multiple sites use the plugin, people might get multiple confirmation requests. I’m not sure yet if I really want to risk this.
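
The single-blog design described in the post above, sketched as an added example (not the plugin's code): opt-in state is kept per e-mail address, pre-update subscriptions are imported as confirmed, and a confirmation mail goes out at most once per address. The class, method names and the `send_mail` hook are assumptions made for illustration; it does not address the multi-site case.

```python
import hashlib
import hmac
import secrets


class OptInRegistry:
    """Per-address double opt-in state for one site (hypothetical names)."""

    def __init__(self, send_mail, secret=None):
        self.send_mail = send_mail  # assumed hook: callable(address, token)
        self.secret = secret or secrets.token_bytes(32)
        self.state = {}  # normalized address -> "pending" | "confirmed"

    @staticmethod
    def normalize(address):
        # Treat case and whitespace variants as the same mailbox.
        return address.strip().lower()

    def token_for(self, address):
        # HMAC binds the token to the address, so no token table is needed.
        msg = self.normalize(address).encode()
        return hmac.new(self.secret, msg, hashlib.sha256).hexdigest()

    def migrate(self, legacy_addresses):
        # Subscriptions that existed before the update stay valid.
        for address in legacy_addresses:
            self.state[self.normalize(address)] = "confirmed"

    def request_notification(self, address):
        """A comment asked for reply mails. True if a confirmation was sent."""
        key = self.normalize(address)
        if key in self.state:  # pending or confirmed: never mail again
            return False
        self.state[key] = "pending"
        self.send_mail(key, self.token_for(key))
        return True

    def confirm(self, address, token):
        """Handle the confirmation link. True only for a valid token."""
        key = self.normalize(address)
        expected = self.token_for(key).encode()
        if key in self.state and hmac.compare_digest(token.encode(), expected):
            self.state[key] = "confirmed"
            return True
        return False

    def may_notify(self, address):
        # Reply notifications go only to confirmed addresses.
        return self.state.get(self.normalize(address)) == "confirmed"
```
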