Cold email compliance checklist. The 8 things you must do to stay legal
compliance_check · 2026-02-25
Cold email is legal in most countries when done correctly. But there are rules you must follow. Ignoring them doesn't just risk fines. It risks your domains, your sender reputation, and your entire cold email operation. Here are the 8 things you must do.
1. Include a real physical address. CAN-SPAM requires a valid physical postal address in every commercial email. This can be your office address, a PO Box, or a registered commercial mail receiving agency. It must be real and you must actually receive mail there.
2. Include an opt-out mechanism. Every cold email must give the recipient a clear way to unsubscribe. A simple "Reply STOP to unsubscribe" works. Most sending platforms like Instantly and Smartlead handle this automatically with unsubscribe links.
3. Honor unsubscribes within 10 days. CAN-SPAM gives you 10 business days to process unsubscribe requests. In practice, do it within 24 hours. Most sending platforms process unsubscribes instantly. If someone asks to be removed, remove them immediately. No exceptions.
4. Don't use misleading From names. Your From name and email address must accurately identify who is sending the email. Don't pretend to be someone you're not. Don't use a fake name or impersonate another company.
5. Don't use deceptive subject lines. Your subject line must accurately reflect the content of the email. "Re: our conversation" when you've never spoken to them is deceptive. "Quick question about [company]" is fine because you're genuinely asking a question.
6. Identify the email as commercial. While CAN-SPAM requires identifying commercial email, there's no specific format required. A professional email from a business domain with a clear business purpose satisfies this requirement.
7. Keep records of consent for GDPR. If you email prospects in the EU or UK, GDPR applies. You need a lawful basis for processing their data. For B2B cold email, "legitimate interest" is the most common basis, but you should document your reasoning and be prepared to demonstrate it if asked.
8. Don't email consumer personal addresses for B2B products. If you're selling B2B products or services, email business addresses only. Sending B2B pitches to someone's personal Gmail or Yahoo address crosses from B2B outreach into consumer spam territory.
Following these 8 rules keeps your cold email operation legal and protects your sender reputation. Most compliance violations happen from ignorance, not malice. Now you know the rules.