Can I turn off making users confirm their Ghost subscriptions?

TL;DR: You should not do this. Read on for why, and other options.

Can I turn off making users confirm their Ghost subscriptions?

A Ghost user asked: Why should we make users click a magic link in email? That's reducing my number of sign-ups, because there's just too much friction.

There's a really specific reason for making users click the link in email. If you don't do that, you run the risk of subscribing people who don't want to be subscribed. That means they'd perceive your emails as unsolicited spam, and you'd run the risk of them reporting you, marking your emails as junk, etc. That's horrible for deliverability, and can mean your messages end up in everyone's junk folder or bounced, if there are enough of them. You do NOT want that to happen.

A digression: A friend's email address is [email protected]. Apparently, someone else is convinced that's their email. He gets newsletters, concert tickets, password reset requests, airline confirmations, medical chart access links, and more. (It doesn't appear malicious. It appears this person just forgets that they have to add a 1955 to the email address or something.) He tried for years to nicely ask some of the people emailing him to remove him from their lists. It didn't work consistently. Now he clicks the "spam" button and moves on. Requiring email confirmation would have prevented all of this.

[And don't get me started on the possibility of someone pranking a 'friend' by signing them up for every newsletter under the sun. It's absolutely hilarious to sign up your teenage guy friend for a bunch of newsletters about older women's health, no?]

So... you should NOT email people unless they've already proven to you that they actually own the email address they typed in the box.

If you don't want to use magic links for Ghost, I've built a single sign-on option for Ghost that lets users use their existing Google/Amazon/Github/Facebook/LinkedIn account to prove who they are instead. This works great and is super smooth with only minor theme modification. [In fact, you could do it with only code injection, although I wouldn't recommend that unless you're limited by Ghost Pro's starter plan.] Single sign-on provides the already validated email from the single sign-on provider to Ghost, allowing your visitors to skip the magic link. It it especially awesome for for signing up users from in-app browsers, which make a mess of the magic-link process.


What about if you're importing users?

Importing users by CSV doesn't generate magic link emails. You as the person uploading the list of emails need to be sure that those emails belong to users who have really opted in, by double opt-in (like above), or by another method like social sign in.

What if you aren't sure your users from a different platform have confirmed emails? Should you import them?

It's possible to use the Ghost API to generate magic link emails for each user, but those magic links are short duration. So generating links for users who might see them two days later is not a great option. Instead, your best bet would be to email each user (once and only once) from your old email platform, inviting them to subscribe on your new platform. Will you lose users doing it, vs just importing them all? Yes, probably, but if your current list is not confirmed, it's probably your best bet. You don't want your deliverability to tank, and you definitely don't want to end up with your account shut down for spamming.

Could we make the process of inviting users from the other platform to confirm smoother?

That's not built into Ghost. If you need a custom solution (take the existing list, email each user a special link that doesn't expire for several days, then validate them when they click it), please get in touch.