Mailchimp allows direct import of email addresses, rather than requiring a new opt-in through their platform as some similar services do. Direct list import = spam = more revenue for MailChimp.
I used to work for a company that had built up it's subscriber list over 10 years, we tried moving to a few other services but didn't get very far because they required actual physical proof that the user had opted-in to our mailing list, which we couldn't do (because nothing other than the email was ever logged). The only way to do it would have been to "resubscribe" all of the users to the new provider and hope they chose to opt in again. This likely would have lost us a significant percentage of our mailing list. There was no such requirement from Mailchimp, so you can guess who got our business.
How would you prove an opt-in, even if you had more info than just the email address? I mean, would a timestamp column suffice? What did they expect to see exactly?
In my experience they probably handle it based on the spam reports they get. They get feedback from all the major providers so if someone clicks the spam button they know.
If you import a huge list for spamming they will find out the first time you send out email and block your account.
