Last night I received about 800 emails confirming my subscription to various WordPress blogs, obviously the result of a hack. After I figured out what was going on I deleted them. No harm done, since almost all of them followed the best practice of requiring the recipient to confirm that they did indeed subscribe.
Unfortunately, two (so far) blogs did NOT require a confirmation and I’ve already started receiving peppy messages from them. Of course, these go straight to my junk mail folder. I am sure the thousands (millions?) of other recipients will do the same which effectively ruins the deliverability of future emails from those addresses.
Lesson: go right now, if you have a blog or a contact link on your company website, and be sure you require the additional confirmation step. If not, fix it now!