What is CAN-SPAM?
CAN-SPAM is a U.S. law that sets rules for commercial email, establishing requirements for sender identification, opt-out mechanisms, and penalties for violations.
The CAN-SPAM Act (Controlling the Assault of Non-Solicited Pornography And Marketing Act) is U.S. legislation from 2003 that regulates commercial email. Despite its name, it doesn't ban spam—it establishes rules for sending commercial messages.
Key requirements: - No false or misleading header information (From, To, Reply-To must be accurate) - No deceptive subject lines - Clear identification that the message is an advertisement - Include your physical postal address - Provide a clear opt-out mechanism that works for at least 30 days after sending - Honor opt-out requests within 10 business days - Monitor what others do on your behalf (you're responsible for third-party senders)
Violations can result in penalties up to $50,120 per email. The law applies to any email with commercial intent sent to or from the U.S.
Why CAN-SPAM Matters
CAN-SPAM compliance is legally required for commercial email in the U.S., but it's also table stakes for deliverability. Email providers use CAN-SPAM requirements as baseline signals—emails missing physical addresses or opt-out links look spammy. Beyond legal risk, non-compliance damages your reputation and deliverability.
How Ark Handles CAN-SPAM
While Ark focuses on transactional email (which has different CAN-SPAM treatment), many messages contain both transactional and commercial elements. We help you stay compliant with proper suppression list management, clear sender identification in headers, and guidance on distinguishing transactional from commercial content.
Frequently Asked Questions
Does CAN-SPAM apply to transactional email?
Pure transactional emails (order confirmations, password resets) are exempt from most CAN-SPAM requirements. However, if your transactional email contains any promotional content, the entire email becomes subject to CAN-SPAM rules.
What's the penalty for CAN-SPAM violations?
Up to $50,120 per email. Additionally, deceptive practices can invoke other laws with their own penalties. ISPs and email providers may also blacklist repeat violators.
Do I need an unsubscribe link in every email?
For commercial email, yes. For purely transactional email, no—but you should still provide account notification preferences. Many senders include unsubscribe anyway for user experience, even on transactional messages.
Does CAN-SPAM apply internationally?
CAN-SPAM applies to commercial email sent to U.S. recipients or from U.S. senders. Other countries have their own laws: GDPR in Europe, CASL in Canada, etc. International senders must comply with laws in both sender and recipient jurisdictions.
Related Terms
GDPR for Email
GDPR (General Data Protection Regulation) is EU privacy legislation that affects email marketing by ...
Suppression List
A suppression list is a database of email addresses that should not receive emails, including bounce...
Email Deliverability
Email deliverability is the ability to successfully deliver emails to recipients' inboxes rather tha...
Ready to improve your email deliverability?
Ark handles can-spam and more automatically. Start sending in 5 minutes.