Save your hide by getting verification on every entry; i.e: 1) Get request. 2) Send email to alleged requester. 3) Do nothing unless/until you get back a confirming "yes, I do want" reply.
Yes, very good point. I should have included that too.
That's exactly what we are doing. Which is good :) As it's still likely to end up with the most popular domains @hotmail.com, @yahoo.com, @aol.com having several thousand recipients though I'm still interested in whether anyone has more experience of ensuring that mail doesn't get blackholed. I'm thinking along the lines of whether and how it's necessary to rate limit sending to those domains, whether they don't like single messages having more than a certain number of RCPT TO lines, whether there are contracts that one can sign to get access to some sort of super special non-public MX for them, etc... or whether it's just all pot luck ;) J.