The CAN-SPAM act is a horridly named law that was put into place in 2003. More and more ISPs and email providers are getting strict on the rules. So I thought I would let you guys know what it means for you and how you can avoid being caught by it.
The Awful Name
When I read CAN-SPAM I read it as the “allow to spam” act. Its intention was more along the lines of “ditch or disallow spam”. Try to keep that in mind when trying to comply. The rules are “deny first”. So unless you meet every single rule, you can get dinged.
Not adhering to CAN-SPAM rules can cost you up to $1,600 an email. So if you send something to 50 people, and do it wrong, that can cost you $80,000. Now imagine you did that to every member of your website, or all your customers, or that huge mailing list you just got.
Who does it apply to
It applies to any and every email whose primary purpose is selling or advertising a good or service. That means every email, even when you're sending a single email to one of your customers just because you think they will be better served by an upgrade or downgrade. There are no exceptions for B2B emails or emails that offer free services or goods.
How to comply
Compliance is a bit of a pain the first time you do it, but after that it’s not so bad. Just follow these easy rules:
Use only valid email headers. This can sometimes be a problem if you're mailing from a website or forum software directly, but most of the time it is automatically taken care of by your email program. If you're not sure, send your developer an email and ask them to check. It’s very easy to check.
Subject lines must reflect the content of the email. Plain and simple.
Declare the email as an ad. Nothing fancy here, but don’t try to send ad emails that don’t look like ads. Just clearly state that the email is an ad or give the purpose for the email.
Tell the recipients where you are located. Every email should contain your physical address. Normally this is included in the footer of the message.
Tell the recipients how to opt out, then honor the opt-outs. Make sure that you include some way that your recipients can stop getting these emails, then honor the request to not receive them any more. You have 10 days to process their request. A return email address is usually a good way to handle small lists. Just make sure that it’s easy to find and that you honor their request. This is the big one that gets people into trouble.
Make sure that if you're using a SaaS solution, or contracting out your mass mails, the people you're having do it are honorable. You are still legally responsible for the emails and their compliance.
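One way to automate these checks before each send, as an added example (not code from the original post). The function names, the sample addresses and footer text, and the simple substring checks for the address and opt-out wording are all assumptions made for illustration.

```python
from datetime import date, timedelta
from email.message import EmailMessage
from email.utils import parseaddr

OPT_OUT_DEADLINE = timedelta(days=10)  # processing window given in the article


def presend_problems(msg, postal_address, opt_out_text):
    """Return the rule violations found in one outgoing plain-text message."""
    problems = []
    _, sender = parseaddr(msg.get("From", ""))
    if "@" not in sender:
        problems.append("From is missing or not an address")
    if not (msg.get("Subject") or "").strip():
        problems.append("Subject is empty")
    part = msg.get_body(preferencelist=("plain",))
    has_text = part is not None and part.get_payload() is not None
    body = part.get_content() if has_text else ""
    if postal_address not in body:
        problems.append("physical address missing from body")
    if opt_out_text not in body:
        problems.append("opt-out instructions missing from body")
    return problems


def filter_recipients(recipients, opt_outs, today):
    """Drop opted-out addresses and report requests left unprocessed too long.

    opt_outs maps a lower-case address to the date its request arrived.
    An address still on the list after the deadline is reported as overdue.
    """
    allowed = [r for r in recipients if r.lower() not in opt_outs]
    overdue = sorted({r.lower() for r in recipients
                      if r.lower() in opt_outs
                      and today - opt_outs[r.lower()] > OPT_OUT_DEADLINE})
    return allowed, overdue


# Constructed sample data (hypothetical, not from the article).
ADDRESS = "123 Example St, Anytown, ST 00000"
OPT_OUT = "To stop these emails, reply to optout@example.com"


def sample_message(footer):
    msg = EmailMessage()
    msg["From"] = "Sales <sales@example.com>"
    msg["Subject"] = "Advertisement: upgrade offer"
    msg.set_content("This email is an ad for our upgrade plan.\n\n" + footer)
    return msg
```

Run `presend_problems` on every outgoing message and `filter_recipients` on the list just before sending; a non-empty problem list or overdue list should stop the send.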
Some tips for compliance.
If you're using a HUGE list of thousands, then use a third party service like icontact. They handle this stuff for you.
If you're using a small list of 1–100 people and just sending manually or via forums or other automated tools, test it first, and ask yourself, “If I wanted to opt-out, is it clear how to, can I find the physical location easily?”
Make sure you are being honest. Clearly state that the email is an ad. Make it clear. Don’t try to trick someone into clicking a link or some such, just be straightforward.
Never send the emails through your ISP without checking with them first. This will just cause a problem for you. Make sure you contact them first with your intent. If they don’t allow that many emails (and most won’t) you can use a third party like authsmtp. In both cases, they can help you be compliant if you need help, and will surely help make sure the headers are correct.
Never send emails from a website like a blog or forum without checking with both the developer and the hosting provider. Many “pre-packaged” sites have mods or plug-ins that can send large amounts of emails, but 9/10 hosting providers (myself included) will block large amounts of emails, or even disable your account. Websites are generally allowed to send a low volume of emails (like new user sign-ups, or sales receipts), but mass mailings, even to a few hundred, could really get you in trouble.
Create an opt-out method for your users that is internet based. For small lists, “Send an email here” is good enough, but you have to be committed to reading it, and removing them from the list. For larger lists the “click this link” or “login here and un-check this box” are good automated methods.
Always send from a real address. Don’t use a made up address like “firstname.lastname@example.org”. The address itself is fine, but the address should exist, and it should be monitored, at least a little.
Don’t purchase or rent email lists. You need to be able to prove that the people you're emailing have a relationship with you. Use opt-in forms, or membership sites, customer lists, etc. It’s easy to build a list. Purchasing a list (or renting one) is a surefire way to get in trouble.
Make sure your list is kept up to date. Don’t use a list from a product you stopped selling seven years ago.
Remind your recipients where you got their email from. Even if they just bought something last week, some people will need reminding.
Complying with the CAN-SPAM act is not too difficult, and spending a little extra time upfront to get it right is worth it. Not complying can get your domain added to a list of spammers, fines from the FTC, and other not so nice things.