CAN-SPAM compliance checker

About CAN-SPAM

The CAN-SPAM Act (2003) sets rules for commercial email in the United States. It uses an opt-out model, meaning you can email recipients without prior consent as long as you provide a clear way to unsubscribe and honor those requests within 10 business days. Violations can result in penalties of up to $51,744 per non-compliant email, so small oversights like a missing physical address or a broken unsubscribe link carry real risk.

Where most senders slip up

• Missing or invalid physical postal address in the footer.
• Unsubscribe links that require a login or multiple steps to complete.
• "From" names or subject lines that are accurate on one send and misleading on the next.
• Third-party sends on your behalf that do not meet the same standards.

Other regulations to consider

• GDPR (EU) — requires explicit opt-in consent for marketing email.
• CASL (Canada) — opt-in model similar to GDPR, with detailed identification rules.
• PECR (UK) — post-Brexit rules that align with GDPR for direct marketing.
• CCPA (California) — privacy rights including opt-out of data sale and disclosure.

This checker is for informational purposes only and does not constitute legal advice. Review your program with counsel for jurisdictions that apply to your recipients. Pair this check with SPF, DKIM, and DMARC checks to harden your sending domain.