What are the main requirements of CAN-SPAM?

Accurate header information: From name, email address, and routing information must truthfully identify the sender. Spoofing or misleading headers violates the law. Non-deceptive subject lines: the subject must accurately reflect the email content-"Your order is ready" for a promotional email with no order violates this requirement.

Advertisement identification: commercial emails must be identifiable as advertising, though the law provides flexibility in how this is accomplished. Physical postal address: every commercial email must include a valid physical address where the sender can receive mail-street address, PO Box, or commercial mail receiving agency box all qualify.

Unsubscribe mechanism: clear, conspicuous opt-out option that's easy to find and use. The mechanism must remain functional for at least 30 days after sending. Prompt opt-out processing: honor requests within 10 business days. You cannot require fees, personal information beyond email address, or multiple steps beyond the initial request. CAN-SPAM requirements are straightforward technically but often violated through negligence-audit your emails regularly against each requirement.