The CAN-SPAM Act of 2003 (acronym for Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003) officially came into law on January 1, 2004. The CAN-SPAM Act applies to almost all businesses in the US that use e-mail, and provides recipients of spam with the right to opt-out of these spam messages, and have their opt-out (or unsubscribe) request acted upon. Under the CAN-SPAM Act of 2003, permission of the e-mail recipient is not required prior to sending out the e-mails, however if a recipient wants to unsubscribe or opt-out of the mailings then the business must stop sending the e-mails as per the opt-out request or face severe penalties.
In addition to enforcing an opt-out or unsubscribe system for recipients, the CAN-SPAM Act of 2003 also prohibits some of the common spammer trickery such as; changing mail servers to send the spam, changing e-mail headers or the "from" e-mail address to hide the identity of the sender, and using deceptive subject heading.
Damages for non-compliance can result in the spammer facing fines of up to $250 per illegal e-mail message up to a maximum of $2 million or more if the offense includes certain aggravating violations. In situations involving e-mail deception, the penalty could be jail time.