Here is a little something I just posted to the WordPress Hackers mailing list.
If you are using a badly coded plugin to subscribe to comments on a blog, take this as a very serious warning.
I have also suggested some new functionality that would improve the readership experience.
Sometimes comments get lost, deleted (even by mistake), or you might want to keep a record of the comments you make on different blogs.
Someone commenting on a blog has to leave an email address, and using some plugins also has an option to have followup emails sent to them.
This isn’t an ideal system – it is actually very dangerous
Here is a better way for it all to be integrated
When you place a comment you have exactly the same interface as it is now. (with the plugin for followups)
When you post a comment, a copy of what you posted is sent back to you by email
If you reqested followups to the message, you will be provided with a link to click to confirm the subscription to the comments.
Comments are only sent to you if you have confirmed it
Some of the code would also be used to confirm signing up as a member to a blog, before they receive a password.
The current system works, but is liable to spam complaints. Lots of people using email services like AOL tend to hit the “this is spam” button instead of the delete button.
This would be especially true if you posted a comment to a post, subscribed, and then the comments exploded with 500 comments in a few hours (it happens).
Every implementation of the subscribe to thread I have seen so far doesn’t provide you with a link to remove your subscription.
I deliberately don’t use such a plugin on my own domains because what can happen if you get spam reports is quite nasty.
I think this is something major that needs to be looked at.
This is something I am willing to take on board in the future if noone else has the inclination / time / resources to do it now.
I am not sure how complex it will be to do this correctly, or whether my current programmers are up to the task based on experience to date. In a few months they will have more familiarity with the core, and it would be a more realistic undertaking.
The plugins currently available are a liability. Spam complaints can affect email deliverability, or at worst people’s domain names can be frozen, especially using popular registrars such as Go Daddy.
Go Daddy have every right to protect against spam complaints, but it shouldn’t be caused by WordPress, or the poor design of existing plugins.
I should point out I have subscribed to many threads in the past using such a plugin. It is useful, but sometimes you receive a lot more email than you intended with no way to unsubscribe.
A reader who was not “Email marketing aware” might just hit that “this is spam” button to stop the emails coming.