CAN-SPAM and Sending Compliance

This document is operator-provided content for the Mule Mail product and should be reviewed by qualified counsel before public launch.

CAN-SPAM is the United States law for commercial email. CASL (Canada) and GDPR/PECR (Europe) add stricter consent rules. Mule Mail is built so the mechanics are handled for you; the relationship with your recipients stays yours.

What Mule Mail enforces for you

• Unsubscribe in every email. The {{unsubscribe_url}} merge tag is validated on template save. A campaign without a working unsubscribe cannot send.
• One-click, no login. Unsubscribe is honoured immediately, well inside the law's window, and also exposed via the List-Unsubscribe header (RFC 8058).
• Suppression. Unsubscribes, hard bounces, and complaints are added to your suppression list and excluded from every future send.
• Physical address. Your organisation's postal address is a setting and is validated before sending, because the law requires it in the message.

What stays your responsibility

• Truthful headers and subject. Do not mislead about who the mail is from or what it is about.
• Consent. CAN-SPAM allows some mail without prior consent; CASL and GDPR often do not. If you have EU or Canadian recipients, use double opt-in. Mule Mail defaults double opt-in on for lists in regions that need it.
• Honouring opt-outs across systems. If you collect addresses elsewhere too, keep suppression consistent. The API and webhooks exist to help you do that.

Double opt-in

Enable it per list. The contact is not active until they confirm. For EU-detected organisations it is on by default. It costs you a few signups and saves you a deliverability problem.

This page explains how the product helps. It is not legal advice. Confirm your obligations for the regions you send to with counsel before launch.

Contact: support@blastforge.com.