Email Marketing | Updated 08-13-2019

Email Marketing


This guide is for anyone looking to build or send email as a way to advertise or communicate to a list of contacts through any system, i.e. paid media, marketing automation, an email service provider (ESP), or your personal email account.

In 2014, Canada’s Anti-Spam Legislation or CASL, came into effect reinforcing these best practices for email marketing to combat spam and related issues. More recently, the European Parliament enacted the General Data Protection Regulation or GDPR for data protection reform across the European Union in order to make Europe 'fit for the digital age' similar to CASL.

Why does this matter if you don’t work or live in Canada or Europe? The US has had similar laws and best practices in place since 2003 with the “Controlling the Assault of Non-Solicited Pornography And Marketing” Act or CAN-SPAM. The differences are how people can be opted-in, are considered opted-in, how you store records for these opt-ins, and how contact opt-outs are managed.

In this digital age where more people are prevalent online, it gets harder and harder to set regional and national boundaries. Are you sure that list you have does not contain addresses from Canada or Europe? This is why it’s important to err on the side of caution, to protect ourselves and our clients as their digital representatives.

The Bottom Line

We, as an marketing professionals, need to ensure that we, on behalf of our clients, are capturing email opt-ins appropriately, getting confirmation of proper list procurement, are handling opt-out requests promptly, and are implementing proper list management practices [12].

What’s the risk? At the lowest level, our client’s email marketing account will get suspended or have their IP address/domain blacklisted [11]. This will prevent them from sending additional email or causing all their email to be flagged as spam until the issue is resolved.

At the highest level,

  • Administrative Monetary Penalties (AMPs) consisting of fines of up to $1 million for individuals and up to $10 million for corporations per violation. [10]
  • Vicarious liability. This means that corporate directors can be found to be liable for the wrongful acts of a corporation or organization, and the corporation can be found to be liable for the wrongful acts of its employees. [10]
  • Private rights of action. This means that after July 1, 2017 individuals can sue another individual or organization for damages after proving actual harm or loss after receiving an unsolicited and unwanted Commercial Electronic Message (CEM). An individual cannot sue an organization if the Canadian Radio-television and Telecommunications Commission or CRTC has already taken action against it. [10]

Best Practices

  • Obtain explicit consent.
  • Always send from a proper ESP, never from your personal email.
  • Don’t use false or misleading header information. Your “From,” “To,” “Reply-To,” and routing information – including the originating domain name and email address – must be accurate and identify the person or business who initiated the message. [1]
  • Don’t use deceptive subject lines. The subject line must accurately reflect the content of the message. [1]
  • Identify the message as an ad. The law gives you a lot of leeway in how to do this, but you must disclose clearly and conspicuously that your message is an advertisement. [1]
  • Tell recipients where you’re located. Your message must include your valid physical postal address. This can be your current street address, a post office box you’ve registered with the U.S. Postal Service, or a private mailbox you’ve registered with a commercial mail receiving agency established under Postal Service regulations. [1]
  • Tell recipients how to opt out of receiving future email from you. Your message must include a clear and conspicuous explanation of how the recipient can opt out of getting email from you in the future. Craft the notice in a way that’s easy for an ordinary person to recognize, read, and understand. Creative use of type size, color, and location can improve clarity. Give a return email address or another easy Internet-based way to allow people to communicate their choice to you. You may create a menu to allow a recipient to opt out of certain types of messages, but you must include the option to stop all commercial messages from you. Make sure your spam filter doesn’t block these opt-out requests. [1]
  • Honor opt-out requests promptly. Any opt-out mechanism you offer must be able to process opt-out requests for at least 30 days after you send your message. You must honor a recipient’s opt-out request within 10 business days. You can’t charge a fee, require the recipient to give you any personally identifying information beyond an email address, or make the recipient take any step other than sending a reply email or visiting a single page on an Internet website as a condition for honoring an opt-out request. Once people have told you they don’t want to receive more messages from you, you can’t sell or transfer their email addresses, even in the form of a mailing list. The only exception is that you may transfer the addresses to a company you’ve hired to help you comply with the CAN-SPAM Act. [1]
  • Monitor what others are doing on your behalf. The law makes clear that even if you hire another company to handle your email marketing, you can’t contract away your legal responsibility to comply with the law. Both the company whose product is promoted in the message and the company that actually sends the message may be held legally responsible. [1]
  • Connect an email sending domain. Use DKIM (Domain Keys Identified Mail) email authentication, which is used to verify a sender's identity. When you send an email, your recipients’ email filters may review your DNS records to verify the from address. To prevent your email from getting caught in spam filters, you can give the ESP permission to send emails on your behalf by connecting an email sending domain. [9]
  • Do not send image only email. [6]
    • Email spammers are notorious for using images to hide the text of their email - if it’s in an image, most email clients won’t be able to read the spammy message about a far-off prince who desperately needs you to wire him money immediately. To make up for this blind spot, many spam filters will reject image-only emails.
    • You don't want people to have to go through an extra step to see your message (e.g. click to ‘download images’ in Outlook). If the image is blocked, the entire email will appear to be blank and the recipient is more likely to ignore it, unsubscribe, or mark the message as spam.
    • Depending on the end user’s internet connection and browser speed, it may take a while for the email to load. The longer it takes to load, the more likely they are to click away from the email, send it to the junk folder, or unsubscribe.
    • Do you want recipients to be able to find your email when they want to? Of course! There may come a time when an email recipient wants to reference an email you sent them a while back which has now been lost in their busy inbox. Give them the option to search for that email by using text for most of your content.
  • Focus on content first emails. [7]
    • Make your emails in a way where they make sense when you take the images out. Many clients including some big ones, like Outlook, block images as a default. Unless the recipient is actively right clicking and opening the image boxes, your text is going to have to be able to stand on its own. When crafting your email, put more focus on your content than the ratios. When you run an email test, you’ll be able to see exactly how that text will show up. If it makes sense with no images, you’re in good shape.
    • Use Alt text with images. This will help you get a sense of what to do when images are turned off. Once again, you should use this but stand on content. Content is king for a reason. However, you should always consider accessibility best practices when using Alt tags. Setting the right alt text will enable screen readers to accurately describe images to those using them. However, not all images need alt text. If your image is purely for the aesthetics of the email, such as a spacer gif or shadow, be sure to set an empty alt=”” on the image. This simply tells the screen reader to skip over these images.
    • You need to have some balance for the basics to work. Make sure you have a balance between image and text that makes sense for the type of devices you’re sending to. If you’re mostly looking at mobile clients, an image focus is a good balance. If you’re going to be in Outlook mostly, you may want to focus on the text more. Find the balance based off your specific campaign needs.
  • Keep email subject lines fewer than 50 characters to make sure the people scanning your emails read the entire subject line. [8]
  • Best day and time to send? Thursday at 10am eastern. [13]


Contact List (who’s receiving the email)

Suppression (domain(s)/addresses to always remove) and Seed (addresses to always include) lists

Goals and Metrics (what is the intent of this email, what does success look like?)

Email Planning (email content and send date)

Email Content Copy

Email Content Art

Links/Calls to Action

Email Service Provider Setup

Email Template Design and Programming

Email Template Testing

From Address (example:

From Name (example: name)

Email Subject (30-50 characters)

(optional) Email Preview Text (100-140 characters)

Email Send

Email Reporting

Ongoing Contact/Subscriber List Management

Design Resources/Ideas



  • Email Service Provider (ESP): Examples include HubSpot, MailChimp, and Content Contact.
  • U.S. CAN-SPAM Act: A law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have you stop emailing them, and spells out tough penalties for violations. Each separate email in violation is subject to penalties of up to $42,530. [1]
  • Canadian Anti-Spam Legislation (CASL): Canada's anti-spam legislation protects consumers and businesses from the misuse of digital technology, including spam and other electronic threats. It also aims to help businesses stay competitive in a global, digital marketplace. Penalties for the most serious violations of CASL can reach $1 million for individuals and $10 million for businesses. [2]
  • Marketing Email: Any email sent that primarily contains a commercial message or content intended for a commercial purpose (i.e. nurturing leads through your funnel) is considered a marketing email and must follow local laws. Marketing email is generally sent to groups of contacts that are prospects or customers.
  • Transactional Email: One-to-one emails that contain information that completes a transaction or process the recipient has started with you. A common example is in e-commerce, after purchasing an item you receive an email receipt that has information about the item, price, and shipment. Transactional email is sent to individuals in response to an action on their part, rather than a large list of recipients.[3]
  • Commercial Electronic Messages (CEMs): CEM is an electronic message (ALL EMAIL) sent by any means of telecommunication that encourages participation in a commercial activity, regardless of whether there is an expectation of profit. Electronic messages do not cover facsimile or normal voice-to-voice telephone communication. Includes email, text, sound, voice or image messages, possibly some social media content.
  • Examples of CEMs:
    • An e-newsletter which provides all sorts of information that is not commercial in nature, but that contains a link to a sponsor's website;
    • An online client satisfaction survey;
    • A mass email providing general information about your business or organization;
    • An electronic message that requests consent to send a CEM, is in itself a CEM.
  • Implied consent: You may rely on implied consent for sending CEMs if it is done under certain conditions, as set out in section 10(9) of CASL. This may include having an existing business relationship (EBR) based on a previous commercial transaction with the recipient; or having an existing non-business relationship based on, for example, membership in your club, or if the recipient participated as a volunteer for your charitable organization; or where a person makes their email address publicly available by publishing it on a website. In the latter case, this conspicuous publication of their email address must not be accompanied by a statement indicating they do not want to receive CEMs at that address. If the statement is not present, in order to send a CEM, the message must relate to the recipient's business role, functions or duties in an official or business capacity. There is a time-limitation attached to the life of the implied consent, whether business or non-business, must have been created prior to 1 July 2014 in order to rely on the 3 year transitional provision set out at section 66 of CASL. Section 66 deems implied consent for a period of 36 months, starting 1 July 2014, if there is an existing business or non-business relationship with the recipient. In order to rely on the transitional provision, the parties' relationship must also have included communication via the sending of CEMs. [4]
  • Explicit Consent: Express consent means that a person has clearly agreed to receive a CEM, either in writing or orally. The recipient must take proactive action to indicate their express consent (in other words, express consent must be obtained through an opt-in mechanism, e.g. signing up at your website). Remember that an electronic message that contains a request for express consent is also considered to be a CEM under CASL and therefore is not a method through which express consent can be obtained. Express consent is not time-limited: once express consent is obtained you are able to send CEMs until the recipient notifies you that they no longer want to receive them. [4]
  • Toggling: In order to comply with the express consent provisions under CASL, a positive or explicit indication of consent is required. Accordingly, express consent cannot be obtained through opt-out consent mechanisms. [5]