The Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM) of 2003 establishes requirements for those who send commercial email, spells out penalties for spammers and companies whose products are advertised in spam if they violate the law, and gives consumers the right to ask emailers to stop spamming them.

The law, which became effective January 1, 2004, covers email whose primary purpose is advertising or promoting a commercial product or service, including content on a Web site. A "transactional or relationship message" email that facilitates an agreed-upon transaction or updates a customer in an existing business relationship may not contain false or misleading routing information, but otherwise is exempt from most provisions of the CAN-SPAM Act.

The Federal Trade Commission (FTC), the nation's consumer protection agency, is authorized to enforce the CAN-SPAM Act. CAN-SPAM also gives the Department of Justice (DOJ) the authority to enforce its criminal sanctions. Other federal and state agencies can enforce the law against organizations under their jurisdiction, and companies that provide Internet access may sue violators, as well.

What the Law Requires:

  • Messages must contain the sender's accurate return email address.

  • Messages must not contain any forged routing information.

  • The subject line must not be misleading.

  • Each message must include the identity and postal mailing address of the sender

  • Each message must contain an Internet-based functional unsubscribe mechanism, and this mechanism must be clear and conspicuous.

  • Unsubscribe requests must be honored within ten business days.


Each violation of the above provisions is subject to fines of up to $11,000. Deceptive commercial email also is subject to laws banning false or misleading advertising.

Additional fines are provided for commercial emailers who not only violate the rules described above, but also:

  • "harvest" email addresses from Web sites or Web services that have published a notice prohibiting the transfer of email addresses for the purpose of sending email

  • generate email addresses using a "dictionary attack" combining names, letters, or numbers into multiple permutations

  • use scripts or other automated ways to register for multiple email or user accounts to send commercial email

  • relay emails through a computer or network without permission for example, by taking advantage of open relays or open proxies without authorization.

  • The law allows the DOJ to seek criminal penalties, including imprisonment, for commercial emailers who do or conspire to:

  • use another computer without authorization and send commercial email from or through it

  • use a computer to relay or retransmit multiple commercial email messages to deceive or mislead recipients or an Internet access service about the origin of the message

  • falsify header information in multiple email messages and initiate the transmission of such messages

  • register for multiple email accounts or domain names using information that falsifies the identity of the actual registrant

falsely represent themselves as owners of multiple Internet Protocol addresses that are used to send commercial email messages.

Contact us for more information


           Home         About Us          Services          Solutions          Careers          Contact

Copyright 2021 AMZNET LLC. All rights reserved